Unrated severityNVD Advisory· Published Sep 4, 2024· Updated Sep 4, 2024
CVE-2024-44820
CVE-2024-44820
Description
A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo() function, which exposes detailed information about the PHP environment, including server configuration, loaded modules, and environment variables.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.