Full Disclosure mailing list archives
Hotlinking Vulnerability in PHProxy 0.5b2
From: Celso Bento <celsobento2009 () gmail com>
Date: Mon, 9 Jan 2017 19:23:19 +0000
A flaw exists in PHProxy 0.5b2 hotlinking feature which allow anyone using some coding to link to proxified pages. By default hotlinking is active to prevent users from retrieving pages directly from the proxy requiring them to use the form. This can be easily bypassed. This is the same type of vulnerability found on Glype 1.4.4. Other webproxies may be vulnerable too... _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Hotlinking Vulnerability in PHProxy 0.5b2 Celso Bento (Jan 09)