Path Disclosure Vulnerability in Z-BlogPHP 1.5.1

Path Disclosure Vulnerability in Z-BlogPHP 1.5.1

CVE-2018-6846 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a direct request to zb_system/function/lib/upload.php.

Learn more about our Web Application Penetration Testing UK.