Back to search
CVE-2005-2897
Published: Sep 14, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
WEB//NEWS 1.4 allows remote attackers to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20050907 [NewAngels Advisory #5] Stylemotion WEB//NEWS 1.4 Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
16727
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now