Lucene search

[email protected]CVE-2007-0194

HistoryJan 12, 2007 - 5:04 a.m.

CVE-2007-0194

2007-01-1205:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0194

mkportal m1.1 rc1

security

vulnerability

information disclosure

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.006 Low

EPSS

Percentile

78.1%

JSON

admin.php in MKPortal M1.1 RC1 allows remote attackers to obtain sensitive information via a direct request with an MK_PATH=1 query string, which reveals the path in an error message.

CPENameOperatorVersion
mkportal:mkportalmkportaleq1.1_rc1

CPE	Name	Operator	Version
mkportal:mkportal	mkportal	eq	1.1_rc1

References

osvdb.org/33407

www.securityfocus.com/archive/1/456257/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/31333

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.006 Low

EPSS

Percentile

78.1%

JSON

Related for CVE-2007-0194

prion1 securityvulns1