Описание
TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 4.0.4+debian-2 |
| edgy | ignored | end of life, was needed |
| feisty | released | 4.0.4+debian-2 |
| gutsy | released | 4.0.4+debian-2 |
| hardy | released | 4.0.4+debian-2 |
| intrepid | released | 4.0.4+debian-2 |
| jaunty | released | 4.0.4+debian-2 |
| karmic | released | 4.0.4+debian-2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails.
TYPO3 3.7.1 allows remote attackers to obtain sensitive information vi ...
TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails.
EPSS
5 Medium
CVSS2