Vulnerabilities > CVE-2020-19878 - Unspecified vulnerability in Dbhcms Project Dbhcms 1.2.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

dbhcms-project

NVD

Published: 2020-08-24

Updated: 2024-11-21

Summary

DBHcms v1.2.0 has a sensitive information leaks vulnerability as there is no security access control in /dbhcms/ext/news/ext.news.be.php, A remote unauthenticated attacker can exploit this vulnerability to get path information.

Vulnerable Configurations

Part	Description	Count
Application	Dbhcms_Project Dbhcms Project Dbhcms 1.2.0	1

References

https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#2
https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#2