CVE-2004-2061 Information

Description

RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy or read arbitrary local files by setting the url parameter to a (1) http:// (2) ftp:// or (3) file:// URL.

Reference

http://marc.info/?l=bugtraq&m=109095196526490&w=2 http://secunia.com/advisories/12173 http://securitytracker.com/id?1010788 http://www.osvdb.org/8265 http://www.osvdb.org/8266 http://www.securityfocus.com/bid/10812 https://exchange.xforce.ibmcloud.com/vulnerabilities/16817 RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy or read arbitrary local files by setting the url parameter to a (1) http:// (2) ftp:// or (3) file:// URL.