Vulnerabilities > CVE-2020-35388 - Unspecified vulnerability in Rockoa Xinhu 2.1.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive information via an index.php?a=gettotal request in which the ajaxbool value is manipulated to be true.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |