CVE-2012-4257 in Yet Another Questioninformazioni

Riassunto

di MITRE

Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote attackers to obtain sensitive information via an invalid character in the PHPSESSID, which reveals the installation path in an error message.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

13/08/2012

Divulgazione

13/08/2012

Moderazione

accettato

Voce

VDB-61569

CPE

pronto

CWE

CWE-200 (confermato)

CVSS

5.3 (VulDB)

EPSS

0.01480

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4257
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4257
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4257/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!