[Original text] AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
AdMan contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a remote attacker supplies an empty or invalid value for the campaignId variable in a request to the editCampaign.php script, which discloses the software's installation path and results in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
-
Timeline
2006-03-23
Unknown
2006-03-23
Unknown
-
Solution
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
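
With no fix available, one thing a defender can do is watch for the trigger described above. The following is an added example, not part of the original advisory or of AdMan: it scans web access logs for requests that send a blank campaignId to editCampaign.php or a blank schemeId to viewPricingScheme.php. The combined log format, the `/adman/` install path and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script -> parameter pairs named in the advisory text.
WATCHED = {
    "editcampaign.php": "campaignId",
    "viewpricingscheme.php": "schemeId",
}

# Assumption: Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def blank_param_hits(lines):
    """Return (ip, timestamp, script, param) for every request that sends a
    watched parameter with an empty value in the query string."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable request line
        url = urlsplit(m.group("target"))
        script = url.path.rsplit("/", 1)[-1]
        param = WATCHED.get(script.lower())
        if param is None:
            continue  # some other script
        # keep_blank_values=True so "campaignId=" is not silently dropped
        values = parse_qs(url.query, keep_blank_values=True).get(param)
        # "%20" decodes to a space, which is also treated as blank here
        if values is not None and any(v.strip() == "" for v in values):
            hits.append((m.group("ip"), m.group("ts"), script, param))
    return hits

# Constructed sample lines (documentation-range IPs), not real traffic.
SAMPLE = [
    '198.51.100.7 - - [23/Mar/2006:10:15:02 +0000] "GET /adman/editCampaign.php?campaignId= HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [23/Mar/2006:10:15:09 +0000] "GET /adman/viewPricingScheme.php?schemeId=%20 HTTP/1.1" 200 498 "-" "Mozilla/5.0"',
    '203.0.113.20 - - [23/Mar/2006:10:16:40 +0000] "GET /adman/editCampaign.php?campaignId=12 HTTP/1.1" 200 4210 "-" "Mozilla/5.0"',
    '203.0.113.20 - - [23/Mar/2006:10:16:41 +0000] "GET /adman/index.php HTTP/1.1" 200 3050 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in blank_param_hits(SAMPLE):
        print("blank parameter request:", hit)
```

Only parameters carried in the URL are visible to this check; values sent in a POST body do not appear in a standard access log.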