auraCMS 1.5 allows remote malicious users to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arif supriyanto auracms 1.5 |