What is CVE-2018-7662?

CVE-2018-7662 is a vulnerability in N/a. Published 2018-03-04.

Is CVE-2018-7662 known to be exploited?

11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-7662

Couch through 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php.

EPSS: 0.896 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/Goby
20142995/nuclei-templates
5ecurity/CVE-List
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
HimmelAward/Goby_
NyxAzrael/Goby_
SexyBeast233/SecBooks
Z0fhack/Goby_
amcai/myscan

References

github.com/CouchCMS/CouchCMS/issues/46 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2018-7662?: CVE-2018-7662 is a vulnerability in N/a. Published 2018-03-04.
Is CVE-2018-7662 known to be exploited?: 11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.