Vulnerability Details CVE-2021-3293
emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.341
EPSS Ranking 96.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://github.com/emlog/emlog/issues/62
- https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md
- https://github.com/emlog/emlog/issues/62
- https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md