Vulnerability: Bitrix Web Server Paths
Vendor: Bitrix
Product:Bitrix Site Manager 4.0.x
Consequences: Web server paths
Risk: Minimal
Description: during executions of
http://host/bitrix/templates/.default/subscribe/subscr_form.php
http://host /bitrix/php_interface/dbquery_error.php
there got an erros which is causing web server internal path information
availability
Google search: inurl: /bitrix/
Discoveried By D_BuG d_bug@xxxxx
NemesisSecurityTeam
http://nemesisoftware.com/
CheckZond free v. 1.0 http://nemesisoftware.com/products.htm
uses the vulnerabilities above for automatic vulnerabilities search (Google
Hacking technique) and usage.
--
Best regards,
D_BuG mailto:d_bug@xxxxx