Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter.
References
Link | Resource |
---|---|
https://github.com/d4wner/Vulnerabilities-Report/blob/master/paid-to-read-script.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-12-19 19:29
Updated : 2018-01-03 07:52
NVD link : CVE-2017-17776
Mitre link : CVE-2017-17776
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
paid_to_read_script_project
- paid_to_read_script