CVE-2008-7154

Published Sep 2, 2009

Last updated 7 years ago

CVSS info 5.0

Overview

Description: Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class.conf_cms.php, (6) lib/lib.compose.php, (7) modules/chat/teleskill.php, or (8) class/class.admin_menu_cms.php in doceboCms/; which reveals the installation path in an error message.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:docebo:docebo:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1F840F9-0DED-42C4-8284-B5A4231EF736",
            "versionEndIncluding": "3.5.0.3"
          },
          {
            "criteria": "cpe:2.3:a:docebo:docebo:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23AA5FB6-D586-4D59-B358-D49E70E263B3"
          },
          {
            "criteria": "cpe:2.3:a:docebo:docebo:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "361855A0-5096-43D8-9CE1-83C0B7CC0AE8"
          },
          {
            "criteria": "cpe:2.3:a:docebo:docebo:3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D1C2A0C-5092-4E30-9A77-6B70C2D40036"
          },
          {
            "criteria": "cpe:2.3:a:docebo:docebo:3.5_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A3571BE-A6AF-468C-9B92-9179DEBA9BF9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References