Описание
The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
Уязвимые конфигурации
Конфигурация 1Версия до 5.2.7b (включая)
cpe:2.3:a:tribiq:tribiq_cms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
EPSS
Процентиль: 48%
0.0025
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200