front/icon.send.php in the CMDB plugin prior to 3.0.3 for GLPI allows malicious users to gain read access to sensitive information via a _log/ pathname in the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
glpi-project cmdb |