ShielderSec/CVE-2020-11579
GitHub
Releases0
Stars21
Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled. | |||