CVE-2014-10005

Published: Jan 13, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Maian Uploader 4.0 allows remote attackers to obtain sensitive information via a request without the height parameter to load_flv.js.php, which reveals the installation path in an error message.

Affected (1)

Products: Maianscriptworld: Maian Uploader

Maianscriptworld

1 product

Maian Uploader

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Maianscriptworld Maian Uploader	Version 4.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://packetstormsecurity.com/files/124918

Source: cve@mitre.org

Exploit

http://www.osvdb.org/102487

Source: cve@mitre.org

http://packetstormsecurity.com/files/124918

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.osvdb.org/102487

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.