Bugtraq mailing list archives
Powerschool 404 Admin Exposure
From: gheetotank () hotmail com
Date: 19 Feb 2007 05:06:38 -0000
Powerschool 4.3.6 and possibly other versions expose the admin interface when requesting any file with .js This allows one to see some directory and file names inside the admin folder. POC: http://[powerschoolip]/admin/.js Product's website does not provide email contact?
Current thread:
- Powerschool 404 Admin Exposure gheetotank (Feb 19)