Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, which reveals the path in an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bitrix Site Manager 多个敏感信息泄露漏洞
Vulnerability Description
Bitrix Site Manager 4.0.x中,远程攻击者可借助对:(1)subscr_form.php脚本,或(2)dbquery_error.php脚本的直接请求,来获得敏感信息。该请求会在出错信息中泄漏路径名。
CVSS Information
N/A
Vulnerability Type
N/A