exploitDog

GHSA-p97m-3j95-cgxq

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message.

PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message.

Ссылки

EPSS

Процентиль: 93%

0.10593

Средний

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2007-2780

nvd

больше 18 лет назад

PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message.

EPSS

Процентиль: 93%

0.10593

Средний

CVE ID

Дефекты

CWE-200