CVE-2012-4257

George Karpouzas Yet Another Question... - Information Disclosure

Title source: rule
STIX 2.1

Description

Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote attackers to obtain sensitive information via an invalid character in the PHPSESSID, which reveals the installation path in an error message.

References (3)

Core 3

Scores

EPSS 0.0148
EPSS Percentile 70.9%

Details

CWE
CWE-200
Status published
Products (1)
george_karpouzas/yet_another_question_\&_answer_system 1.0 alpha1
Published Aug 13, 2012
Tracked Since Feb 18, 2026