Description
Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Richard Maudsley · textremotemultiple
https://www.exploit-db.com/exploits/23309
References (6)
Core 6
Core References
Exploit mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/342765
Exploit, Patch third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/10084
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13546
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/8920
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/342909
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/2723
Scores
EPSS
0.0802
EPSS Percentile
92.1%
Details
Status
published
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026