cve/CVE-2004-1572.md at e67cd2fdb0a3b693c8a19c46acadbde4fe3ee9dd

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request.

POC

Reference

http://echo.or.id/adv/adv07-y3dips-2004.txt
http://marc.info/?l=bugtraq&m=109664986210763&w=2

Github

No PoCs found on GitHub currently.

724 B Raw Blame History

CVE-2004-1572

Description

POC

Reference

Github

724 B

Raw Blame History