Path Disclosure Vulnerability in zzcms 8.2
CVE-2018-7434 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
zzcms 8.2 allows remote attackers to discover the full path via a direct request to 3/qq_connect2.0/API/class/ErrorCase.class.php or 3/ucenter_api/code/friend.php.
Learn more about our Api Penetration Testing.