[Full-Disclosure] Security hole in Confixx backup script
Hi, I found a security hole in Confixx. A malicious backup request via the webinterface might be used by any user to read files located in /root which is the default installation directory of confixx. The most interesting files you can retrieve with this attack are: /root/confixx/safe/shadow.tmp...