header-logo
Suggest Exploit
vendor:
csFAQ
by:
Unknown
4.3
CVSS
MEDIUM
Installation Path Disclosure
Path Traversal (22)
CWE
Product Name: csFAQ
Affected Version From: All current versions
Affected Version To: All current versions
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

csFAQ Installation Path Disclosure Vulnerability

A vulnerability has been identified in the application that may allow an attacker to disclose the installation path. Successful exploitation of this vulnerability may allow an attacker to gain sensitive information about the file system that may aid in launching more direct attacks against the system.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10618/info

A vulnerability has been identified in the application that may allow an attacker to disclose the installation path.

Successful exploitation of this vulnerability may allow an attacker to gain sensitive information about the file system that may aid in launching more direct attacks against the system.

All current versions of csFAQ are considered vulnerable to this issue. 

http://www.example.com/cgi-script/csFAQ/csFAQ.cgi?command=viewFAQ&database=/.darkbicho

Navigation

Suggest Exploit

Services By CQR