Vikingboard 0.1.2 allows remote attackers to obtain sensitive information via the debug parameter to (1) forum.php, (2) cp.php, and possibly other unspecified components.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Vikingboard | Vikingboard | 0.1.2 (including) | 0.1.2 (including) |
References
- http://lostmon.blogspot.com/2007/07/vikingboard-debug-information.html
- http://lostmon.blogspot.com/2007/07/vikingboard-multiple-cross-site.html
- http://osvdb.org/36902
- http://osvdb.org/36903
- http://secunia.com/advisories/26196
- http://secwatch.org/advisories/1018567/
- http://www.securityfocus.com/bid/25060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35602
- http://lostmon.blogspot.com/2007/07/vikingboard-debug-information.html
- http://lostmon.blogspot.com/2007/07/vikingboard-multiple-cross-site.html
- http://osvdb.org/36902
- http://osvdb.org/36903
- http://secunia.com/advisories/26196
- http://secwatch.org/advisories/1018567/
- http://www.securityfocus.com/bid/25060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35602