header-logo
Suggest Exploit
vendor:
Bonsai
by:
SecurityFocus
2.1
CVSS
LOW
Path Disclosure
200
CWE
Product Name: Bonsai
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Path Disclosure Vulnerability in Mozilla Bonsai

An attacker can exploit this vulnerability by making a malformed request to Bonsai. This causes Bonsai to return an error page to the requesting user. This error page will contain the absolute path information about the requested file.

Mitigation:

Ensure that the application does not return any sensitive information in response to a malformed request.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5517/info

A path disclosure vulnerability has been reported in Mozilla Bonsai.

An attacker can exploit this vulnerability by making a malformed request to Bonsai. This causes Bonsai to return an error page to the requesting user. This error page will contain the absolute path information about the requested file.

/bonsai/cvsview2.cgi
/bonsai/multidiff.cgi

Navigation

Suggest Exploit

Services By CQR