Main Menu
Our Sponsors
Chi Kien Uong
Geranienstraße 30
71034 Böblingen
Deutschland / Germany
If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register /  [Login] Login 
[Security Bug] Full Path Disclosure  XML
Forum Index » Advanced Guestbook Forum
Author Message
[Post New]20/11/2005 22:11:53
    Subject: [Security Bug] Full Path Disclosure
[Up]
tandilboy
Newbie

Joined: 04/11/2005 15:58:43
Messages: 2
Offline
when i put this link in my browser the guestbook shows this error

http://proxy2.de/guestbook/picture.php?img=


this is a full path disclosure bug

FIX it
[Post New]21/11/2005 09:48:57
    Subject:
[Up]
Carbonize
Master
[Avatar]

Joined: 12/06/2003 19:26:08
Messages: 4292
Location: Bristol, UK
Offline
PHP always displays the full file path when it informs you of an error. What is the security risk?
Carbonize
I am not the maker of the Advanced Guestbook

get Lazarus
[Email] [WWW] [Yahoo!] aim icon [MSN] [ICQ]
 
Forum Index » Advanced Guestbook Forum
Go to:   
Based on the open source JForum