[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-5075Date: (C)2012-01-29   (M)2023-12-22


translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
EXPLOIT-DB-18132
http://www.securityfocus.com/archive/1/520577
http://www.openwall.com/lists/oss-security/2011/11/22/3
http://bugs.sitracker.org/view.php?id=1737

CPE    13
cpe:/a:sitracker:support_incident_tracker:3.63:beta1
cpe:/a:sitracker:support_incident_tracker:3.50:beta1
cpe:/a:sitracker:support_incident_tracker:3.6
cpe:/a:sitracker:support_incident_tracker:3.64
...

© SecPod Technologies