Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page’s graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX).
CPE | Name | Operator | Version |
---|---|---|---|
pandora_fms | eq | 7.0 |