CVE-2014-8702

Wonder CMS 2014 allows remote attackers to obtain sensitive information by logging into the application with an array for the password, which reveals the installation path in an error message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Common Weakness Enumeration
References
http://rossmarks.uk/portfolio.php
http://rossmarks.uk/whitepapers/wonder_cms_2014.txt
http://www.securityfocus.com/bid/97192
http://rossmarks.uk/portfolio.php
http://rossmarks.uk/whitepapers/wonder_cms_2014.txt
http://www.securityfocus.com/bid/97192