3 matches found
CVE-2007-3127
content.php in WSPortal 1.0, when magicquotesgpc is disabled, allows remote attackers to obtain sensitive information via a "';" quote semicolon sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message...
CVE-2007-3127
content.php in WSPortal 1.0, when magicquotesgpc is disabled, allows remote attackers to obtain sensitive information via a "';" quote semicolon sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message...
CVE-2007-3127
CVE-2007-3127 affects WSPortal 1.0. The issue is a path disclosure vulnerability in content.php: when magic_quotes_gpc is disabled, a crafted page parameter containing a "'"; sequence can trigger a forced SQL error that reveals the server installation path. Impact is information disclosure (parti...