Описание
content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ibm:websphere_portal:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10504
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message.
EPSS
Процентиль: 93%
0.10504
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other