Vulnerability: CouchCMS <= 2.0 - Path Disclosure

CouchCMS <= 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php.

Impact

An attacker can exploit this vulnerability to gain knowledge of the server’s directory structure, potentially aiding in further attacks.

Severity

medium

Verified

Unknown