Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Avatic Aardvark Topsites PHP 'index.php'鉴定操作信息泄露漏洞
Vulnerability Description
Aardvark Topsites PHP 5.2.0以及更早版本中的index.php允许远程攻击者通过向鉴定操作中的U参数提交不存在的帐户名来获取敏感信息。该rate操作会以错误的信息显示安装路径。
CVSS Information
N/A
Vulnerability Type
N/A