exploitDog

CVE-2018-19226

Опубликовано: 12 нояб. 2018

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI.

Ссылки

https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#info_exp
Exploit
Third Party Advisory
https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#info_exp
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:laobancms:laobancms:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00244

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-jh3h-5626-4xq2

CVSS3: 5.3

github

больше 3 лет назад

An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI.

EPSS

Процентиль: 47%

0.00244

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200