We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
PoC : http://localhost/openClinic/shared/view_source.php?file=../config/database_constants.php Impact : Anyone login to the the admin account can read files from server like config and maybe can get RCE. Fix : remove the view_source.php or you can blacklist the dot and slashes .
Hitman ALHarbi | Blackfoxs Team .
The text was updated successfully, but these errors were encountered:
7821ba2
jact
No branches or pull requests
PoC : http://localhost/openClinic/shared/view_source.php?file=../config/database_constants.php
Impact : Anyone login to the the admin account can read files from server like config and maybe can get RCE.
Fix : remove the view_source.php or you can blacklist the dot and slashes .
Hitman ALHarbi | Blackfoxs Team .
The text was updated successfully, but these errors were encountered: