Описание
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17687
- http://secunia.com/advisories/12792
- http://securitytracker.com/id?1011612
- http://www.osvdb.org/10677
- http://www.osvdb.org/10678
- http://www.osvdb.org/10679
- http://www.osvdb.org/10680
- http://www.osvdb.org/10681
- http://www.osvdb.org/10682
- http://www.securityfocus.com/archive/1/378053
- http://www.zanfi.nl/index1.php?flag=cmslite
EPSS
CVE ID
Связанные уязвимости
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
EPSS