phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phprofession | Phprofession | 2.5 (including) | 2.5 (including) |