header-logo
Suggest Exploit
vendor:
PsychoStats
by:
5.5
CVSS
MEDIUM
Path Disclosure
200
CWE
Product Name: PsychoStats
Affected Version From: 3.0.6b
Affected Version To: 3.0.6b
Patch Exists: NO
Related CWE:
CPE: a:psychostats_project:psychostats:3.0.6b
Metasploit:
Other Scripts:
Platforms Tested:

Path Disclosure Vulnerability in PsychoStats

The PsychoStats application is prone to a path-disclosure issue when invalid data is submitted. This vulnerability allows an attacker to access sensitive data that can be used to launch further attacks against a vulnerable computer.

Mitigation:

Upgrade to a version higher than PsychoStats 3.0.6b to mitigate this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24039/info

PsychoStats is prone to a path-disclosure issue when invalid data is submitted.

Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.

PsychoStats 3.0.6b and prior versions are vulnerable to this issue. 

http://www.example.com/[path]/server.php?newcss=styles.css&newtheme=%00

Navigation

Suggest Exploit

Services By CQR