Описание
TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails.
Ссылки
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5 Medium
CVSS2
Дефекты
Связанные уязвимости
TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails.
TYPO3 3.7.1 allows remote attackers to obtain sensitive information vi ...
TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails.
EPSS
5 Medium
CVSS2