Skip to main content

CVE-2007-0194

Severity High
Score 7.8/10

Summary

admin.php in MKPortal M1.1 RC1 allows remote attackers to obtain sensitive information via a direct request with an MK_PATH=1 query string, which reveals the path in an error message.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • COMPLETE
  • NONE

References

Advisory Timeline

  • Published