Medium severity5.3NVD Advisory· Published Mar 17, 2017· Updated May 13, 2026
CVE-2015-3882
CVE-2015-3882
Description
qdPM 8.3 allows remote attackers to obtain sensitive information via invalid ID value to index.php/users/info/id/[ID], which reveals the installation path in an error message.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- rossmarks.uk/whitepapers/qdPM_8.3.txtnvdExploitThird Party Advisory
- rossmarks.uk/portfolio.phpnvdThird Party Advisory
News mentions
0No linked articles in our index yet.