N/A

An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

N/A

N/A

Chadha Software Technologies Chadha PHPKB 访问控制错误漏洞

Chadha Software Technologies Chadha PHPKB是印度Chadha Software Technologies公司的一种现代知识库软件，可让内部团队和外部客户保持信息井井有条、可访问且易于管理。 Chadha Software Technologies Chadha PHPKB 9.0 Enterprise Edition 中installer/test-connection.php存在访问控制错误漏洞，该漏洞允许远程攻击者泄漏PHP 7.2.16之前版本的主机上的本地文

N/A

N/A