Описание
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
Ссылки
- Exploit
- ExploitPatch
- Exploit
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mambo:site_server:4.0.11:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02553
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
EPSS
Процентиль: 85%
0.02553
Низкий
5 Medium
CVSS2
Дефекты
CWE-200