header-logo
Suggest Exploit
vendor:
Wiser
by:
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: Wiser
Affected Version From: 2.1
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Wiser Information Disclosure Vulnerability

Wiser is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download backup files that contain sensitive information. Information harvested may aid in launching further attacks.

Mitigation:

To mitigate this vulnerability, it is recommended to ensure that user-supplied data is properly validated and sanitized before being used in any operations that could lead to information disclosure.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/67481/info

Wiser is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data.

An attacker can exploit this issue to download backup files that contain sensitive information. Information harvested may aid in launching further attacks.

Wiser 2.10 is vulnerable; other versions may also be affected. 

http://www.example.com/voip/sipserver/class/baixarBackup.php