CVE-2008-6896

login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers to gain sensitive information via unspecified vectors that reveal the installation path.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
3cxphone_system
6.0.806.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://marc.info/?l=full-disclosure&m=122868146707468&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/52452
http://marc.info/?l=full-disclosure&m=122868146707468&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/52452