Vulnerabilities

CVE-2012-4257

by Fred · 13/08/2012

Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote attackers to obtain sensitive information via an invalid character in the PHPSESSID, which reveals the installation path in an error message.

Date published : 2012-08-13

http://hauntit.blogspot.com/2012/03/en-yaqas-cms-alpha1-information.html

http://packetstormsecurity.org/files/112248/Yaqas-CMS-Alpha1-Information-Disclosure.html

Similar

Tags: Cybersecurity Alert