Описание
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
Ссылки
- Exploit
- ExploitPatch
- Exploit
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mambo:site_server:4.0.11:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02342
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
EPSS
Процентиль: 84%
0.02342
Низкий
5 Medium
CVSS2
Дефекты
CWE-200