Alstrasoft Article Manager Pro 1.6 allows remote malicious users to obtain sensitive information via (1) a quote character or possibly an invalid value in the action parameter in a request to mrarticles.php or (2) a login QUERY_STRING to admin.php without any additional parameters, which reveal the path in various error messages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alstrasoft article manager pro 1.6 |