The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Dbman |
Gossamer_threads |
2.0.4 |
2.0.4 |
References