Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon5.gif   Path disclosure on unfound file, posted by Bruce Bush on Wed May 6 17:35:14 2015 
    icon2.gif   Re: Path disclosure on unfound file, posted by Stefan Ritt on Wed Jun 10 09:12:06 2015 Screen_Shot_2015-06-10_at_9.11.38_.png
       icon2.gif   Re: Path disclosure on unfound file, posted by Travis Unkel on Fri Aug 18 01:02:41 2017 
          icon2.gif   Re: Path disclosure on unfound file, posted by prinnydood on Thu Dec 31 18:35:19 2020 no_extension.pngnonexistent_html.pngrandom_extension.pngvalid_html_file_with_html_extension.png
             icon2.gif   Re: Path disclosure on unfound file, posted by Stefan Ritt on Fri Jan 8 13:47:14 2021 Screenshot_2021-01-08_at_13.46.02_.png
                icon2.gif   Re: Path disclosure on unfound file, posted by Gabriel Lopez on Wed Feb 3 17:28:16 2021 
                   icon2.gif   Re: Path disclosure on unfound file, posted by Stefan Ritt on Fri Feb 19 09:59:04 2021 
                      icon2.gif   Re: Path disclosure on unfound file, posted by Gabriel Lopez on Fri Feb 19 19:48:11 2021 
Message ID: 67885     Entry time: Wed May 6 17:35:14 2015     Reply to this: 67992
Icon: Question  Author: Bruce Bush  Author Email: bruce_bush@sil.org 
Category: Bug report  OS: Linux  ELOG Version: 3.10.2 
Subject: Path disclosure on unfound file 

Greetings,

  Running elog 3.1.0 on CentOS 6.6.  When I try to access a nonexistent file, elog reveals a path in the 404 page.  For example:

Not Found

The requested file /usr/local/elog/themes/default/blortblortblort7854.htm was not found on this server

ELOG version 3.1.0
 
  Is there any way to use a custom 404 page with elog, or to make it stop displaying the file information?
 
Thank you,
bb
 
 

 

ELOG V3.1.5-fe60aaf