<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Clientexec Billing Software

Clientexec Billing Software

From: <bugtraq_at_rloxy.com>
Date: Mon, 11 Oct 2004 20:03:16 -0500

Clientexec is a php billing software with a target audience of webhosts. By
default there is a file called phpinfo.php in the main clientexec directory.
This can be access by anyone with a web browser. I looked through the
documentation and didn't find any reference to it. I then checked several
different companies using this piece of software and all had it in the same
place. I contacted the vendor and he said he would fix it. I know this sounds
silly, but many people that use this software are not familar with issues like
these let alone know what the phpinfo() function does.

William

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Received on Oct 15 2004

This message: [ Message body ]
Next message: wirepair: "Re: [VulnWatch] CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities"
Previous message: Paul Szabo: "Eudora 6.2.0.7 attachment spoof"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]