← back
CVE-2018-7737

CVE-2018-7737

EPSS 8.8%
In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by admin_footer.php or admin_footer.php. NOTE: the software maintainer disputes that this is a vulnerability
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/147063/Z-Blog-1.5.1.1740-Full-Path-Disclosure.htmlunverifiedcve_referencewww.exploit-db.com/exploits/44407/unverifiedexploitdbwww.exploit-db.com/exploits/44407unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/ponyma233/cms/blob/master/Z-Blog_1.5.1.1740_bugs.md#web-site-physical-path-leakagehttps://github.com/zblogcn/zblogphp/issues/205https://packetstormsecurity.com/files/147063/Z-Blog-1.5.1.1740-Full-Path-Disclosure.htmlhttps://www.exploit-db.com/exploits/44407/