Описание
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:popojicms:popojicms:1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00194
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-668
Связанные уязвимости
github
больше 3 лет назад
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads.
EPSS
Процентиль: 41%
0.00194
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-668