Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Powerschool 404 Admin Exposure

From: gheetotank () hotmail com
Date: 19 Feb 2007 05:06:38 -0000
Powerschool 4.3.6 and possibly other versions expose the admin interface when requesting any file with .js

This allows one to see some directory and file names inside the admin folder.

POC:

http://[powerschoolip]/admin/.js

Product's website does not provide email contact?
Previous By Date Next
Previous By Thread Next

Current thread: