Information Disclosure Vulnerability in Feng Office by Feng Office
CVE-2011-3738

Currently unrated

Key Information:

Vendor: Fengoffice
Status: Feng Office
Vendor: CVE Published:; 23 September 2011

What is CVE-2011-3738?

Feng Office version 1.7.2 is susceptible to an information disclosure issue that allows remote attackers to gain unauthorized access to sensitive details through direct requests to certain PHP files. This exposure leads to the revelation of the installation path in error messages, which may assist attackers in further compromising the system or gaining additional information.

References

http://www.openwall.com/lists/oss-security/2011/06/27/6

mailing-listx_refsource_MLIST

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 23, 2011

Fengoffice

What is CVE-2011-3738?

References

Timeline