Lpanel checkwire.php Invoice Link Session Hijack Arbitrary Invoice Data Disclosure

2005-04-10T04:26:42
ID OSVDB:17316
Type osvdb
Reporter OSVDB
Modified 2005-04-10T04:26:42

Description

Solution Description

Upgrade to version 1.596 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.lpanel.net/ Vendor Specific News/Changelog Entry: http://www.lpanel.net/changelog.php