 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 68
 Members: 0
 Total: 68
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
is this Full path disclosure ? |
|
 Posted: Fri Jul 09, 2004 4:06 pm |
 |
|
| SteX |
| Advanced user |
 |
|
| Joined: May 18, 2004 |
| Posts: 181 |
| Location: Serbia |
|
|
 |
|
 |
|
i go to nukemods.com download module trought google,and saw this:
| Quote: | | Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/nukemods/domains/nukemods.com/public_html/includes/sql_layer.php on line 286 |
is this Full path disclosure or relative path disclosure ? |
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
| Posted: Sun Jul 11, 2004 1:14 pm |
|
|
| madman |
| Active user |
 |
|
| Joined: May 24, 2004 |
| Posts: 46 |
|
|
|
|
|
|
|
It's full path disclosure.
This reveal the www path:
/home/nukemods/domains/nukemods.com/public_html/
Or, the user root path:
/home/nukemods/domains/nukemods.com/
Unfortunately, it also reveal the host account (nukemods.com) and probably the host panel software (cPanel). |
|
_________________
ch88rs,
madman |
|
|
|
|
a |
|
| Posted: Sun Jul 11, 2004 8:43 pm |
|
|
| SteX |
| Advanced user |
|
|
| Joined: May 18, 2004 |
| Posts: 181 |
| Location: Serbia |
|
|
|
|
|
|
| hmm..i just searched the google for some themes,and clicked nukemods.com in the results ,and saw this.. |
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
| Posted: Mon Jul 12, 2004 5:25 pm |
|
|
| madman |
| Active user |
|
|
| Joined: May 24, 2004 |
| Posts: 46 |
|
|
|
|
|
|
|
| Most PHP error/warning/notice msg can reveal physical path. But path disclosure does nothing unless you intend to gain root access to target account, e.g. FTP access through anonymous FTP vulnerabilities. |
|
_________________
ch88rs,
madman |
|
|
|
| Posted: Mon Jul 12, 2004 8:33 pm |
|
|
| SteX |
| Advanced user |
|
|
| Joined: May 18, 2004 |
| Posts: 181 |
| Location: Serbia |
|
|
|
|
|
|
| madman wrote: | | Most PHP error/warning/notice msg can reveal physical path. But path disclosure does nothing unless you intend to gain root access to target account, e.g. FTP access through anonymous FTP vulnerabilities. |
yes,i know that..  |
|
_________________
We would change the world, but God won't give us the sourcecode...
....Watch the master. Follow the master. Be the master....
------------------------------------------------------- |
|
|
|
| Posted: Tue Jul 13, 2004 8:25 pm |
|
|
| madman |
| Active user |
|
|
| Joined: May 24, 2004 |
| Posts: 46 |
|
|
|
|
|
|
|
| SteX wrote: |
yes,i know that.. |
Know what  Stealing FTP password? |
|
_________________
ch88rs,
madman |
|
|
|
| Posted: Mon Jul 26, 2004 10:10 pm |
|
|
| hackr3d |
| Regular user |
 |
|
| Joined: Jun 13, 2004 |
| Posts: 10 |
|
|
|
|
|
|
|
|
_________________
venezuela hacking...!! |
|
|
|
www.waraxe.us Forum Index -> Full path disclosure
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
