CVE-2002-0463

Опубликовано: 12 авг. 2002

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message.

Ссылки

http://www.iss.net/security_center/static/8472.php
http://www.securityfocus.com/archive/1/262652
Vendor Advisory
http://www.securityfocus.com/archive/1/262802
Vendor Advisory
http://www.securityfocus.com/bid/4307
Patch
Vendor Advisory
http://www.iss.net/security_center/static/8472.php
http://www.securityfocus.com/archive/1/262652
Vendor Advisory
http://www.securityfocus.com/archive/1/262802
Vendor Advisory
http://www.securityfocus.com/bid/4307
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arsc_really_simple_chat:arsc_really_simple_chat:1.0:*:*:*:*:*:*:*

cpe:2.3:a:arsc_really_simple_chat:arsc_really_simple_chat:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00655

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jhq4-p9g6-9x3f

github

почти 4 года назад