GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.
References
Link | Resource |
---|---|
https://seclists.org/fulldisclosure/2019/May/29 | Mailing List Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2019/May/32 | |
http://packetstormsecurity.com/files/152964/GAT-Ship-Web-Module-1.30-Information-Disclosure.html |
Configurations
Information
Published : 2019-05-17 14:29
Updated : 2020-08-24 10:37
NVD link : CVE-2019-12163
Mitre link : CVE-2019-12163
JSON object : View
CWE
Products Affected
gatship
- web_module