Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
DotClear allows remote attackers to obtain sensitive information via a direct request for (1) edit_cat.php, (2) index.php, (3) edit_link.php in ecrire/tools/blogroll/; (4) syslog/index.php, (5) thememng/index.php, (6) toolsmng/index.php, (7) utf8convert/index.php in /ecrire/tools/; (8) /ecrire/inc/connexion.php and (9) /inc/session.php; (10) class.blog.php, (11) class.blogcomment.php, (12) and class.blogpost.php in /inc/classes/; (13) append.php, (14) class.xblog.php, (15) class.xblogcomment.php, and (16) class.xblogpost.php in /layout/; (17) form.php, (18) list.php, (19) post.php, or (20) template.php in /themes/default/, which reveal the installation path in error messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
DotClear 'ecrire/tools/blogroll'敏感信息泄露漏洞
Vulnerability Description
DotClear可以使远程攻击者借助ecrire/tools/blogroll/中的(1) edit_cat.php, (2) index.php, (3) edit_link.php;/ecrire/tools/中的(4) syslog/index.php, (5) thememng/index.php, (6) toolsmng/index.php, (7) utf8convert/index.php ; (8) /ecrire/inc/connexion.php和(9) /inc/session.p
CVSS Information
N/A
Vulnerability Type
N/A