[ka-Map-dev] [Bug 1630] New: getcjs.php critical information
disclosure vulnerability
bugzilla-daemon at bugzilla.maptools.org
bugzilla-daemon at bugzilla.maptools.org
Wed Jan 10 16:02:42 EST 2007
http://bugzilla.maptools.org/show_bug.cgi?id=1630
Summary: getcjs.php critical information disclosure vulnerability
Product: ka-Map
Version: 0.3
Platform: All
OS/Version: Linux
Status: NEW
Severity: critical
Priority: P5
Component: core
AssignedTo: ka-map-dev at lists.maptools.org
ReportedBy: gperry at flenvironmental.org
getcjs.php will accept any filename as an argument, including potentially
sensitive system files such as /etc/passwd and the like.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Please do NOT reply to this email, use the link above instead to
login to bugzilla and submit your comment. Any email reply to this
address will be lost.
More information about the ka-Map-dev
mailing list