Описание
TorrentTrader Classic 1.09 allows remote attackers to (1) obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to (2) obtain other potentially sensitive information via a direct request to check.php.
Ссылки
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:torrenttrader:torrenttrader_classic:1.09:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09357
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
TorrentTrader Classic 1.09 allows remote attackers to (1) obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to (2) obtain other potentially sensitive information via a direct request to check.php.
EPSS
Процентиль: 93%
0.09357
Низкий
5 Medium
CVSS2
Дефекты
CWE-264