Weaver e-cology Source Code ecology_dev.zip information disclosure

A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

信息暴露

Weaver e-cology 信息泄露漏洞

Weaver e-cology是中国泛微（Weaver）公司的一套协同管理应用平台。 Weaver e-cology 8版本存在信息泄露漏洞。攻击者利用该漏洞可以获取敏感信息。

N/A

N/A