exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2022-25481

почти 4 года назад

ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. NOTE: this is disputed by a third party because system environment exposure is an intended feature of the debugging mode.

CVSS3: 7.5

EPSS: Средний

GHSA-69wp-xwm7-69wm

почти 4 года назад

Exposure of Resource to Wrong Sphere in ThinkPHP Framework

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2022-25481 ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. NOTE: this is disputed by a third party because system environment exposure is an intended feature of the debugging mode.	CVSS3: 7.5	20% Средний	почти 4 года назад
	GHSA-69wp-xwm7-69wm Exposure of Resource to Wrong Sphere in ThinkPHP Framework	CVSS3: 7.5	20% Средний	почти 4 года назад

Уязвимостей на страницу