Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XenForo Path Disclosure via open_basedir Exceptions
Vulnerability Description
XenForo before 2.3.7 discloses filesystem paths through exception messages triggered by open_basedir restrictions. This allows an attacker to obtain information about the server's directory structure.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
Xenforo 安全漏洞
Vulnerability Description
Xenforo是Xenforo公司的一个论坛软件。 XenForo 2.3.7之前版本存在安全漏洞,该漏洞源于通过open_basedir限制触发的异常消息泄露文件系统路径,可能导致攻击者获取服务器目录结构信息。
CVSS Information
N/A
Vulnerability Type
N/A