CVE-2019-7535

medium

Description

index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technology.

References

https://gist.github.com/nenf/2f16cd547c2afe166d1cb3f88f18bf81

Details

Source: Mitre, NVD

Published: 2019-02-07

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00232