AdMan 1.0.20051221 and previous versions allows remote malicious users to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
brain book software adman |