CVE-2018-7662

MEDIUM NUCLEI

Couch < 2.0 - Information Disclosure

Title source: rule

Description

Couch through 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php.

Nuclei Templates (1)

CouchCMS <= 2.0 - Path Disclosure

MEDIUMby ritikchaddha

References (1)

[Exploit, Issue Tracking, Third Party Advisory] https://github.com/CouchCMS/CouchCMS/issues/46

Scores

CVSS v3 5.3

EPSS 0.8963

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-200

Status published

Products (1)

couchcms/couch < 2.0

Published Mar 04, 2018

Tracked Since Feb 18, 2026