An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory (/include/logs) using predictable file names, which can lead to full path disclosure and leakage of sensitive data.
References
Link | Resource |
---|---|
https://rastating.github.io/xbtit-multiple-vulnerabilities/ | Exploit Mitigation Third Party Advisory |
https://rastating.github.io/xbtit-multiple-vulnerabilities/ | Exploit Mitigation Third Party Advisory |
Configurations
History
21 Nov 2024, 03:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://rastating.github.io/xbtit-multiple-vulnerabilities/ - Exploit, Mitigation, Third Party Advisory |
Information
Published : 2018-09-05 21:29
Updated : 2024-11-21 03:51
NVD link : CVE-2018-15684
Mitre link : CVE-2018-15684
CVE.ORG link : CVE-2018-15684
JSON object : View
Products Affected
btiteam
- xbtit
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor