Описание
Dolibarr sensitive information disclosure
Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information.
Пакеты
Наименование
dolibarr/dolibarr
composer
Затронутые версииВерсия исправления
<= 6.0.4
6.0.5
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 8 лет назад
Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information.
CVSS3: 7.5
nvd
около 8 лет назад
Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information.
CVSS3: 7.5
debian
около 8 лет назад
Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl ...