Siteframe CMS 2.2.4 - 'download.php' Information Disclosure

Author: Ertan Kurt
type: webapps
platform: php
port: 
date_added: 2003-03-19  
date_updated: 2016-12-14  
verified: 1  
codes: OSVDB-54766  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22386.txt  

source: https://www.securityfocus.com/bid/7143/info

Siteframe has been reported vulnerable to an information disclosure vulnerability.

When handling certain download requests Siteframe may be lead into an error condition. When these errors occur, the script will output some path information.

Information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system.

http://www.example.com/download.php?id=2%