CVE-2024-46547

A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper access control validation via PHP Info Page. This issue can lead to data leaks.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gist.github.com/omkar170/232236c38b6e795fb73921e555e1a609

Configurations

No configuration.

History

11 Dec 2024, 16:15

Type	Values Removed	Values Added
CWE		CWE-116
Summary		(es) Se encontró una vulnerabilidad en todas las versiones de Romain Bourdon Wampserver (descubierta en v3.2.3 y v3.2.6) donde usuarios no autorizados podían acceder a información confidencial debido a una validación incorrecta del control de acceso a través de la página de información de PHP. Este problema puede provocar fugas de datos.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

09 Dec 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-09 19:15

Updated : 2024-12-11 16:15

NVD link : CVE-2024-46547

Mitre link : CVE-2024-46547

CVE.ORG link : CVE-2024-46547

JSON object : View

Products Affected

No product.

CWE

CWE-116

Improper Encoding or Escaping of Output

7.5 /10