CVE-2011-5067
Support Incident Tracker 3.65 - Authenticated Sensitive Information Exposure via move_uploaded_file.php
Title source: llmDescription
move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error message.
References (1)
Core 1
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/576355
Scores
EPSS
0.0104
EPSS Percentile
60.0%
Details
CWE
CWE-200
Status
published
Products (1)
sitracker/support_incident_tracker
3.65
Published
Jan 29, 2012
Tracked Since
Feb 18, 2026