CVE-2008-6896

3CX Phone System 6.0.806.0 - Exposure of Sensitive Information via Installation Path Disclosure

Title source: llm
STIX 2.1

Description

login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers to gain sensitive information via unspecified vectors that reveal the installation path.

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=122868146707468&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52452

Scores

EPSS 0.0106
EPSS Percentile 60.7%

Details

CWE
CWE-200
Status published
Products (1)
3cx/phone_system 6.0.806.0
Published Aug 03, 2009
Tracked Since Feb 18, 2026