The response messages received from the eSOMS report generation using certain parameter queries with full file path can beabused for enumerating the local file system structure.
5.3CVSS
5.3AI Score
0.0005EPSS
The responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal structure of the application and to further plot attacks againstweb servers and deployed web applications.
5.3CVSS
5.2AI Score
0.0005EPSS
Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosinginformation about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical details ...
5.3CVSS
5.2AI Score
0.0005EPSS