Chipmunk Scripts Guestbook allows remote attackers to obtain the installation path of the script via a URL that causes an error message to be displayed, such as a URL that contains a single quote () in the start parameter of index.php.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Chipmunk_guestbook | Chipmunk_scripts | * | * |
References
- http://irannetjob.com/content/view/148/28/
- http://marc.info/?l=bugtraq\u0026m=112982490104274\u0026w=2
- http://securityreason.com/securityalert/96
- http://www.osvdb.org/20170
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22825
- http://irannetjob.com/content/view/148/28/
- http://marc.info/?l=bugtraq\u0026m=112982490104274\u0026w=2
- http://securityreason.com/securityalert/96
- http://www.osvdb.org/20170
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22825