ID:5627 - Exploit for Information disclosure in W3 Total Cache - CVE-2019-6715

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:5627 - Exploit for Information disclosure in W3 Total Cache - CVE-2019-6715

ID:5627 - Exploit for Information disclosure in W3 Total Cache - CVE-2019-6715

Published: June 17, 2021


Vulnerability identifier: #VU18405
Vulnerability risk: Medium
CVE-ID: CVE-2019-6715
CWE-ID: CWE-200
Exploitation vector: Remote access
Vulnerable software:
W3 Total Cache

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error in pub/sns.php script. A remote attacker can read contents of arbitrary file on the system via the SubscribeURL field in SubscriptionConfirmation JSON data.


Remediation

Install updates from vendor's website.