Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class.conf_cms.php, (6) lib/lib.compose.php, (7) modules/chat/teleskill.php, or (8) class/class.admin_menu_cms.php in doceboCms/; which reveals the installation path in an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Docebo 多个信息泄露漏洞
Vulnerability Description
Docebo 3.5.0.3及之前版本允许远程攻击者借助一个对doceboCore/中的(1)class/class.conf_fw.php,(2)class.module/class.event_manager.php, (3)lib/lib.domxml5.php或(4) menu/menu_over.php以及doceboCms/中的(5)class/class.conf_cms.php,(6)lib/lib.compose.php,(7) modules/chat/teleskill.php或(8
CVSS Information
N/A
Vulnerability Type
N/A