Vulnerability Details CVE-2011-5075
translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.107
EPSS Ranking 93.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://bugs.sitracker.org/view.php?id=1737
- http://www.exploit-db.com/exploits/18132/
- http://www.openwall.com/lists/oss-security/2011/11/22/3
- http://www.securityfocus.com/archive/1/520577
- http://bugs.sitracker.org/view.php?id=1737
- http://www.exploit-db.com/exploits/18132/
- http://www.openwall.com/lists/oss-security/2011/11/22/3
- http://www.securityfocus.com/archive/1/520577
Products affected by CVE-2011-5075
-
cpe:2.3:a:sitracker:support_incident_tracker:3.45
-
cpe:2.3:a:sitracker:support_incident_tracker:3.50
-
cpe:2.3:a:sitracker:support_incident_tracker:3.51
-
cpe:2.3:a:sitracker:support_incident_tracker:3.6
-
cpe:2.3:a:sitracker:support_incident_tracker:3.60
-
cpe:2.3:a:sitracker:support_incident_tracker:3.61
-
cpe:2.3:a:sitracker:support_incident_tracker:3.62
-
cpe:2.3:a:sitracker:support_incident_tracker:3.63
-
cpe:2.3:a:sitracker:support_incident_tracker:3.64
-
cpe:2.3:a:sitracker:support_incident_tracker:3.65