PsychoStats <= 2.3 - Server.PHP Path Disclosure Vulnerability

ID EDB-ID:30051
Type exploitdb
Reporter kefka
Modified 2007-05-17T00:00:00


PsychoStats 2.3 Server.PHP Path Disclosure Vulnerability. CVE-2007-2780. Webapps exploit for php platform


PsychoStats is prone to a path-disclosure issue when invalid data is submitted.

Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.

PsychoStats 3.0.6b and prior versions are vulnerable to this issue.[path]/server.php?newcss=styles.css&newtheme=%00