2 matches found
Cart32 Arbitrary File Download Vulnerability
======================================================================== = Cart32 Arbitrary File Download Vulnerability = = Vendor Website: = http://www.cart32.com = = Affected Version: = -- All releases prior to and including v6.3 = = Public disclosure on Thursday 4th October 2007 =...
FreeBSD : horde -- 'url' disclosure of sensitive information vulnerability (c7c09579-b466-11da-82d0-0050bf27ba24)
Secunia advisory SA19246 : Paul Craig has discovered a vulnerability in Horde, which can be exploited by malicious people to disclose sensitive information. Input passed to the 'url' parameter in 'services/go.php' isn't properly verified, before it is used in a 'readfile' call. This can be...