cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.html | Exploit |
http://secunia.com/advisories/20535 | Vendor Advisory |
http://securityreason.com/securityalert/2300 |
Configurations
History
No history.
Information
Published : 2007-02-24 01:28
Updated : 2024-02-28 11:01
NVD link : CVE-2006-7060
Mitre link : CVE-2006-7060
CVE.ORG link : CVE-2006-7060
JSON object : View
Products Affected
scriptsez.net
- e-dating_system
CWE