Vulnerabilities > CVE-2019-11611 - Missing Authorization vulnerability in Doorgets CMS 7.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

doorgets

CWE-862

NVD

Published: 2019-04-30

Updated: 2020-08-24

Summary

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Doorgets Doorgets Doorgets CMS 7.0	1

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://github.com/itodaro/doorGets_cve