FD Script 1.3.x FName Parameter Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22265/info FD Script is prone to an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files...

CVE-2007-0620

download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php...

Code injection

download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php...

CVE-2007-0620

CVE-2007-0620 affects FD Script prior to or including 1.3.2. The vulnerability exists in download.php, where a relative pathname supplied by the fname parameter can cause the web server to disclose source files under the document root (e.g., config.php) with certain extensions (including .php). T...

FD Script 1.3.x - FName Information Disclosure

FD Script 1.3.x - FName Information Disclosure source: https://www.securityfocus.com/bid/22265/info FD Script is prone to an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...

FD Script 1.3.x - 'FName' Information Disclosure

source: https://www.securityfocus.com/bid/22265/info FD Script is prone to an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the...