CVE-2017-17793

Posted on 2017년 12월 20일2017년 12월 20일 by admin

CVE-2017-17793

Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText through 3.7.6 allows remote attackers to defeat a filename-randomization protection mechanism, and read backup archives on Windows servers, by providing the archiv~1.zip name (aka an 8.3 filename).

Source: CVE-2017-17793

답글 남기기 응답 취소