Описание
ACNews stores the database in a file under the web document root with a db.inc extension and insufficient access control, which allows remote attackers to obtain sensitive information such as the full pathname of the server.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:acnews:acnews:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00306
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
ACNews stores the database in a file under the web document root with a db.inc extension and insufficient access control, which allows remote attackers to obtain sensitive information such as the full pathname of the server.
EPSS
Процентиль: 53%
0.00306
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other