CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-24925

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure /app/elkarbackup/src/Binovo/ElkarBackupBundle/Controller/DefaultController.php

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 3.5

References

https://vyshnavvizz.blogspot.com/2020/09/sensitive-information-disclosure-source.html
https://www.elkarbackup.org/
https://vyshnavvizz.blogspot.com/2020/09/sensitive-information-disclosure-source.html
https://www.elkarbackup.org/

Products affected by CVE-2020-24925

Elkarbackup » Elkarbackup » Version: 1.3.3

cpe:2.3:a:elkarbackup:elkarbackup:1.3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24925

Products

Pricing

Contact Us