Z-blog 1.8 web path information disclosure vulnerability and fix-vulnerability warning-the black bar safety net

2011-05-10T00:00:00
ID MYHACK58:62201130403
Type myhack58
Reporter 佚名
Modified 2011-05-10T00:00:00

Description

Affected version: Z-blog 1.8

Vulnerability description:

Z-blog is based on Asp platform Blog blog(weblog)program

Z-blog using the default editor there is a path information disclosure vulnerability

Test method: http://www.myhack58.com/admin/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php

Safety recommendations: Manufacturers patch:

Z-blog \ ------- The current vendor has not provided the patch or upgrade process, we recommend the use of this software users follow the manufacturer's home page to get the latest version:

http://www.rainbowsoft.org