CVE-2007-3059

2007-06-0601:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.5%

JSON

SendCard 3.3.0 allows remote attackers to obtain sensitive information via an invalid sc_language parameter to sendcard.php, which reveals the path in an error message.

References

osvdb.org/35740

securityreason.com/securityalert/2770

www.securityfocus.com/archive/1/470237/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/34672