[VIM] Re: [OSVDB Mods] XSS flaws and data disclosure in Easyxp41

security curmudgeon jericho at attrition.org
Fri Jul 29 17:36:14 EDT 2005


: ################################################
: information disclosure in /forum/ folder:
: #########################################
: 
: http://[victim]/modules/forum/cfg/
: http://[victim]/modules/forum/db/
: http://[victim]/modules/forum/msg/
: http://[victim]/modules/forum/admin/index.php
: http://[victim]/modules/forum/msg/1103495330.dat
: 
: #############
: information disclosure in /login/ folder:
: #############
: 
: http://[victim]/modules/login/
: http://[victim]/modules/login/login.php
: http://[victim]/modules/login/admin/option.php
: http://[victim]/modules/login/cfg/modules.cfg
: http://[victim]/cfg/config.cfg
: http://[victim]/mesdocuments/
: http://[victim]/modules/news/

Hi FalconDeOro,

Can you clarify what kind of information disclosure this is? I am guessing 
path disclosure?

Brian
OSVDB.org



More information about the VIM mailing list