Vulnerability Details CVE-2005-4575
PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
- http://secunia.com/advisories/18257
- http://www.osvdb.org/21932
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23865
- http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
- http://secunia.com/advisories/18257
- http://www.osvdb.org/21932
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23865
Products affected by CVE-2005-4575
-
cpe:2.3:a:paperthin:commonspot_content_server:-
-
cpe:2.3:a:paperthin:commonspot_content_server:2.5
-
cpe:2.3:a:paperthin:commonspot_content_server:3.0
-
cpe:2.3:a:paperthin:commonspot_content_server:3.2
-
cpe:2.3:a:paperthin:commonspot_content_server:4.0