Design/Logic Flaw

2017-12-2717:08:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

JSON

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php.

References

github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md