CVE-2018-19226

An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI.
References
Link Resource
https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#info_exp Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:laobancms:laobancms:2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-11-12 20:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-19226

Mitre link : CVE-2018-19226

CVE.ORG link : CVE-2018-19226


JSON object : View

Products Affected

laobancms

  • laobancms
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor