← Back

CVE-2011-3829

nvd nist
Published: Jan 29, 2012Modified: Apr 29, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error message.

Affected (1)

Sitracker
1 product
Support Incident Tracker
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Support Incident Tracker
Version 3.65

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (14)

Source: PSIRT-CNA@flexerasoftware.com
Exploit
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
Source: PSIRT-CNA@flexerasoftware.com
Exploit
Source: PSIRT-CNA@flexerasoftware.com
Source: PSIRT-CNA@flexerasoftware.com
Exploit
Source: PSIRT-CNA@flexerasoftware.com
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.