Описание
WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:woltlab:burning_board:3.0.5:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00516
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.
EPSS
Процентиль: 66%
0.00516
Низкий
5 Medium
CVSS2
Дефекты
CWE-200