PT-2004-2508 · Coolphp · Coolphp

R00Tcr4Ck

Publicado

2004-10-16

Atualizado

2017-07-11

CVE-2004-1600

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions CoolPHP version 1.0-stable

Description The issue allows remote attackers to gain sensitive information. This is achieved by providing an invalid op parameter, which results in the path being revealed in an error message.

Recommendations For CoolPHP version 1.0-stable, consider restricting access to the index.php file until a patch is available, or modify the error handling to prevent the disclosure of sensitive path information.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-1600

Produtos afetados

Coolphp

PT-2004-2508 · Coolphp · Coolphp

CVE-2004-1600

Identificadores relacionados

Produtos afetados

Referências · 5