E12-5lf01
CVSS:
6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
False Positive:
f
Variants:
1
Year:
2012
Description
This strike exploits an information disclosure vulnerability in Zend Technologies Zend Framework. A user can POST a crafted XML file and receive content of arbitrary files.