exploitDog

CVE-2011-3825

Опубликовано: 24 сент. 2011

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zend:framework:1.11.3:*:*:*:*:*:*:*

cpe:2.3:a:zend:server:5.1.0:*:ce:*:*:*:*:*

EPSS

Процентиль: 51%

0.00283

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2011-3825

ubuntu

больше 14 лет назад

Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.

GHSA-fhjm-rh64-w3x4

github

больше 3 лет назад

Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files.

EPSS

Процентиль: 51%

0.00283

Низкий

5 Medium

CVSS2

Дефекты

CWE-200