[VIM] Re: [OSVDB Mods] XSS flaws and data disclosure in Easyxp41
security curmudgeon
jericho at attrition.org
Fri Jul 29 17:36:14 EDT 2005
: ################################################
: information disclosure in /forum/ folder:
: #########################################
:
: http://[victim]/modules/forum/cfg/
: http://[victim]/modules/forum/db/
: http://[victim]/modules/forum/msg/
: http://[victim]/modules/forum/admin/index.php
: http://[victim]/modules/forum/msg/1103495330.dat
:
: #############
: information disclosure in /login/ folder:
: #############
:
: http://[victim]/modules/login/
: http://[victim]/modules/login/login.php
: http://[victim]/modules/login/admin/option.php
: http://[victim]/modules/login/cfg/modules.cfg
: http://[victim]/cfg/config.cfg
: http://[victim]/mesdocuments/
: http://[victim]/modules/news/
Hi FalconDeOro,
Can you clarify what kind of information disclosure this is? I am guessing
path disclosure?
Brian
OSVDB.org
More information about the VIM
mailing list