6.1 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.8%
MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html
www.osvdb.org/81616
www.securityfocus.com/bid/53306