• Welcome to Web Hosting Community Forum for Webmasters - Web hosting Forum.
 

Recommended Providers

Fully Managed WordPress Hosting
lc_banner_leadgen_3
Fully Managed WordPress Hosting

WordPress Theme

Divi WordPress Theme
WPZOOM

Forum Membership

Forum Membership

ClientExec - Content Disclosure Vulnerability - v4.6.8

Started by Kailash, December 07, 2013, 07:02:27 PM

Kailash

QuoteType: Content Disclosure
                Location: Remote
                   Impact: Medium
                  Product: ClientExec
                 Website: http://www.clientexec.com
Vulnerable Version: 4.6.8
         Fixed Version: 4.6.9
          Reported By: Rack911

Vulnerability Description:


A malicious user can obtain the product details (name / domain) belonging to any other user when they submit a ticket by carefully crafting the request.

Vulnerable Version:

This vulnerability was tested against ClientExec v4.6.8.

Fixed Version:


This vulnerability was patched in ClientExec v4.6.9.