Описание
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) the show action in advancedsearch.php, and (4) choicelist.php, which reveals the installation path in an error message.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:kreotek:phpbms:0.96:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03673
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) the show action in advancedsearch.php, and (4) choicelist.php, which reveals the installation path in an error message.
EPSS
Процентиль: 88%
0.03673
Низкий
5 Medium
CVSS2
Дефекты
CWE-200