Jump to content

Search the Community

Showing results for tags 'dlguard'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Occupation


Interests


Biography


Location

Found 1 result

  1. *DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities* Exploit Title: DLGuard /index.php c parameter Full Path Disclosure Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: Feb 18, 2015 Latest Update: Feb 18, 2015 Vulnerability Type: Information Exposure [CWE-200] CVE Reference: * Credit: Wang Jing [Mathematics, Nanyang Technological University, Singapore] *Advisory Details:* *(1) Vendor & Product Description:* *Vendor:* DLGuard *Product & Version:* DLGuard v4.5 *Vendor URL & Download:* DLGuard can be downloaded from here, http://www.dlguard.com/dlginfo/index.php *Product Introduction:* “DLGuard is a powerful, yet easy to use script that you simply upload to your website and then rest assured that your internet business is not only safe, but also much easier to manage, automating the tasks you just don't have the time for." "DLGuard supports the three types, or methods, of sale on the internet: <1>Single item sales (including bonus products!) <2>Multiple item sales <3>Membership websites" *(2) Vulnerability Details:* DLGuard has a security problem. It can be exploited by Full Path Disclosure attacks. *(2.1)* The first vulnerability occurs at “index.php” page with ""c" parameters of it. *References:* http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/ http://securityrelated.blogspot.com/2015/02/dlguard-full-path-disclosure.html -- Wang Jing, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. http://www.tetraph.com/wangjing/ https://twitter.com/justqdjing Source
×
×
  • Create New...