File Disclosure in OWLs Workshop (CVE-2004-0302, CVE-2004-0303)

OWLs workshop is a web-based educational tool written in PHP. There is a vulnerability in the current version of this software which allows an attacker to retrieve arbitrary files from the webserver with its privileges.

OWLs工作坊是一款基于Web的教育工具，采用PHP语言编写。当前软件版本存在一个漏洞，攻击者可以利用该漏洞以软件权限从网络服务器检索任意文件。