2 matches found
CVE-2020-35388
rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive information via an index.php?a=gettotal request in which the ajaxbool value is manipulated to be true...
CVE-2020-35388
CVE-2020-35388 affects Rainrocka Xinhu/Rockoa Xinhu 2.1.9. The vulnerability enables information disclosure by sending index.php?a=gettotal with ajaxbool set to true, allowing remote attackers to obtain sensitive information. Root cause involves manipulation of a request parameter to trigger unin...