CGIScript.net CSFAQ 1.0 Script - Full Path Disclosure

EDB-ID:

24237




Platform:

CGI

Date:

2004-06-28


source: https://www.securityfocus.com/bid/10618/info

A vulnerability has been identified in the application that may allow an attacker to disclose the installation path.

Successful exploitation of this vulnerability may allow an attacker to gain sensitive information about the file system that may aid in launching more direct attacks against the system.

All current versions of csFAQ are considered vulnerable to this issue. 

http://www.example.com/cgi-script/csFAQ/csFAQ.cgi?command=viewFAQ&database=/.darkbicho