Grey Hat Boys Discover Full Path Disclosure Vulnerabilities
Iranian security team Grey Hat Boys have discovered Full Path Disclosure – FPD – vulnerabilities in three different web software. OpenCart 1.5.4, WordPress wp-shopping-cart and CMSMadeSimple version 1.11.10 are found vulnerable by Grey Hat Boys.
Full Path Disclosure vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities require the attacker to have the full path to the file they wish to view.