Описание
PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the getgif.php endpoint.
EPSS
Процентиль: 4%
0.0002
Низкий
8.4 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.4
github
10 дней назад
PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the getgif.php endpoint.
EPSS
Процентиль: 4%
0.0002
Низкий
8.4 High
CVSS3
Дефекты
CWE-22