MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mercuryboard | Mercuryboard | 1.1 (including) | 1.1 (including) |
Mercuryboard | Mercuryboard | 1.1.1 (including) | 1.1.1 (including) |