Vulners
Lucene search
Cobub Razor 0.8.0 - Information Disclosure
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | Cobub Razor 0.8.0 - Physical path Leakage Vulnerability | 20 Apr 201800:00 | – | zdt |
 | CVE-2018-8770 | 18 Mar 201806:29 | – | attackerkb |
 | Western Bridge Cobub Razor Physical Path Disclosure Vulnerability (CNVD-2018-07345) | 19 Mar 201800:00 | – | cnvd |
 | CVE-2018-8770 | 18 Mar 201806:00 | – | cve |
 | CVE-2018-8770 | 18 Mar 201806:00 | – | cvelist |
 | Cobub Razor 0.8.0 - Physical Path Leakage | 20 Apr 201800:00 | – | exploitdb |
 | Cobub Razor 0.8.0 - Physical Path Leakage | 20 Apr 201800:00 | – | exploitpack |
 | CVE-2018-8770 | 18 Mar 201806:29 | – | nvd |
 | Cobub Razor 0.8.0 Path Disclosure | 20 Apr 201800:00 | – | packetstorm |
 | Design/Logic Flaw | 18 Mar 201806:29 | – | prion |
10
id: CVE-2018-8770
info:
name: Cobub Razor 0.8.0 - Information Disclosure
author: princechaddha
severity: medium
description: Cobub Razor 0.8.0 is susceptible to information disclosure via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations.
impact: |
An attacker can exploit this vulnerability to gain sensitive information.
remediation: |
Upgrade to a patched version of Cobub Razor.
reference:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8770
- https://www.exploit-db.com/exploits/44495/
- https://github.com/Kyhvedn/CVE_Description/blob/master/Cobub_Razor_0.8.0_more_physical_path_leakage.md
- https://nvd.nist.gov/vuln/detail/CVE-2018-8770
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2018-8770
cwe-id: CWE-200
epss-score: 0.60586
epss-percentile: 0.99027
cpe: cpe:2.3:a:cobub:razor:0.8.0:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: cobub
product: razor
tags: cve,cve2018,cobub,razor,exposure,edb,vuln
http:
- method: GET
path:
- "{{BaseURL}}/tests/generate.php"
matchers-condition: and
matchers:
- type: word
part: header
words:
- "Fatal error: Class 'PHPUnit_Framework_TestCase' not found in "
- "/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"
condition: and
- type: status
status:
- 200
# digest: 4a0a004730450221009ed4cfa618468844c8d16bdf86552a143e3bc54e00516b45950635cc099ad89e022069fa1223b901e75807676a8a2f39acc0ed1d40d7d7ea119e0b21105c628c9e36:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
6.1Medium risk
Vulners AI Score6.1
CVSS 25
CVSS 3.15.3
EPSS0.60586