Paliz CMS Path Disclosure

2012-08-27T00:00:00
ID PACKETSTORM:115928
Type packetstorm
Reporter HighSecure.ir
Modified 2012-08-27T00:00:00

Description

                                        
                                            `##################################################################################  
# Title: Paliz CMS Full Path Disclosure Vulnerability  
# Vulnerable Version: all versions  
# Vendor URL: http://palizct.com  
# Impact: Low  
##################################################################################  
  
===========================  
Vulnerability Description:  
===========================  
Full Path Disclosure Vulnerability, enable the attacker to see the root path.  
  
==================  
Proof Of Concept:  
==================  
  
http://[target]/portal/DeskTopModules/Currency/CurrencyAll.aspx?mID=[]  
  
=========  
Credits:  
=========  
  
HighSecure.ir  
Contact: advisories[aT]highsecure[dOt]ir  
  
============  
References:  
============  
  
http://www.highsecure.ir/research/20120822-paliz.txt  
  
##################################################################################  
`