4 matches found
CouchCMS <= 2.0 - Path Disclosure
CouchCMS = 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php. id: CVE-2018-7662 info: name: CouchCMS = 2.0 - Path Disclosure author: ritikchaddha severity: medium description: CouchCMS = 2.0 allows...
CVE-2018-7662
Couch through 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php...
CVE-2018-7662
Couch through 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php...
CVE-2018-7662
CVE-2018-7662 affects CouchCMS <= 2.0, enabling remote attackers to disclose the server’s full directory path by directly requesting includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php. This path disclosure arises from a missing/insufficient input validation in the affected end...