[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability
From: mbsarwin@xxxxxxxxxxxxxxx
Date: Tue, 10 Jul 2012 15:23:12 GMT

Hi I tried this LFI. it does not display the /etc/password file. So ver 2.4.1. 
seems protected. looks like it is a false alarm.

Prev by Date: Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability
Next by Date: Multiple Cross-Site Scripting (XSS) in Kajona
Previous by thread: [security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code
Next by thread: Multiple Cross-Site Scripting (XSS) in Kajona
Index(es):
- Date
- Thread