daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2022/CVE-2022-25481.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-02-03 11:18:38 -05:00
parent 4ea53749b4
commit 3c520c118c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2022/CVE-2022-25481.yaml
View File

@ -5,7 +5,7 @@ info:
author: caon
severity: high
description: |
ThinkPHP Framework v5.0.24 is susceptible to information disclosure. This version was discovered to be configured without the PATHINFO parameter. This can allow an attacker to access all system environment parameters from index.php, thereby possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations.
ThinkPHP 5.0.24 is susceptible to information disclosure. This version was configured without the PATHINFO parameter. This can allow an attacker to access all system environment parameters from index.php, thereby possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations.
reference:
- https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md
- https://nvd.nist.gov/vuln/detail/CVE-2022-25481