[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] uni-konstanz.de subdomain, arbitrary file download

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] uni-konstanz.de subdomain, arbitrary file download
From: b4mbi@xxxxxxxxxxxxx
Date: Fri, 26 Sep 2014 13:06:04 -0400

Hi,
there is a arbitrary file download vulnerability in the University Konstanz 
Website.
Vulnerable link: 
http://www.wiwi.uni-konstanz.de/index.php?eID=tx_nawsecuredl&u=0&file=[ File 
here! ]

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: Re: [FD] Critical bash vulnerability CVE-2014-6271 (slightly OT logo discussion)
Next by Date: Re: [FD] Critical bash vulnerability CVE-2014-6271
Previous by thread: [FD] Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities
Next by thread: [FD] XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite (CVE-2014-7157, CVE-2014-7158)
Index(es):
- Date
- Thread