QwikSec

Security Database

CVE

CWE

Training

CVE-2006-2886

Published: Jun 7, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full installation path via a crafted fDocumentId parameter, which displays the path in the resulting error message. NOTE: this might be resultant from another vulnerability, since this vector also produces XSS.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

knowledgetree-view-path-disclosure(26943)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_OSVDB

http://pridels0.blogspot.com/2006/06/knowledgetree-open-source-xss-vuln.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.