Описание
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:francisco_burzi:php-nuke:6.5:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.5_beta1:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.5_final:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc1:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc2:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc3:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.6:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.7:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:6.9:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:7.0:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:7.0_final:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00016
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message.
EPSS
Процентиль: 2%
0.00016
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other