Directory Traversal Vulnerability in Zentao Demo15 Allows Remote Information Disclosure

Directory Traversal Vulnerability in Zentao Demo15 Allows Remote Information Disclosure

CVE-2022-37700 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Zentao Demo15 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: URL : view-source:https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig.

Learn more about our User Device Pen Test.