6.2 Medium
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
87.1%
Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname (“%%%”) to _admin/index.php, which reveals the installation path and other information in an error message.
packetstormsecurity.org/0910-exploits/ONSEC-09-005.txt
secunia.com/advisories/37065
www.onsec.ru/vuln?id=12
www.vupen.com/english/advisories/2009/2967
exchange.xforce.ibmcloud.com/vulnerabilities/53894