CVE-2004-2616 Information

Description

The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file which reveals the path in a success message.

Reference

http://aluigi.altervista.org/adv/actp-adv.txt http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0852.html http://marc.info/?l=bugtraq&m=109597139011373&w=2 http://securitytracker.com/id?1011406 http://www.osvdb.org/10235