Sensitive Information Disclosure (Source Code Path Disclosure)

 



 "Affected Component" field was set to:/app/elkarbackup/src/Binovo/ElkarBackupBundle/Controller/DefaultController.php




 An attacker can able to identify the Source code and its path disclosure and able to proceed with the other attacks


A Sensitive Source Code


Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure /app/elkarbackup/src/Binovo/ElkarBackupBundle/Controller/DefaultController.php


Path Disclosure



Comments

  1. These are great insights. It was very informative. Although most browsers can be used for Automated website testing across platforms, Safari and IE are the biggest roadblocks because they are OS-specific. A Mac could have a few virtual machines that run Windows or Linux. Or just Windows, since Chrome and Firefox (clones) are the main browsers for Linux. This way, you don't need to create a new OS each time. If there are any problems with the VM, you can just kill it and start a fresh one.

    ReplyDelete

Post a Comment