1 results (0.014 seconds)

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 1

Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors. El módulo para Drupal Site Documentation (Sitedoc) no comprueba correctamente la ubicación de almacenamiento al comprimir, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados. • http://drupal.org/node/1546224 http://drupal.org/node/1547686 http://drupalcode.org/project/sitedoc.git/commitdiff/521721c http://www.openwall.com/lists/oss-security/2012/05/03/1 http://www.openwall.com/lists/oss-security/2012/05/03/2 http://www.osvdb.org/81555 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •