Full Path Disclosure in PHP Scripts Mall Website Seller Script 2.0.5 via Arbitrary Image URL Request

Full Path Disclosure in PHP Scripts Mall Website Seller Script 2.0.5 via Arbitrary Image URL Request

CVE-2018-20631 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.

Learn more about our Web App Pen Testing.