Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tigris WebSVN listing.php脚本绕过限制信息泄露漏洞
Vulnerability Description
WebSVN是软件开发者Dirk Thomas所研发的一套基于Web的Subversion Repository(版本管理库)浏览器,它可查看文件或文件夹的日志、查看文件的变化列表、添加或删除任意版本号等。 WebSVN中的listing.php脚本在使用SVN authz文件时没有正确地限制对受限制代码库的访问,远程攻击者可以通过compare with previous和show changed files链接读取受限制项目的changelog或diff。
CVSS Information
N/A
Vulnerability Type
N/A