Information Disclosure Vulnerability in CaLogic 1.22 and Earlier Versions

Information Disclosure Vulnerability in CaLogic 1.22 and Earlier Versions

CVE-2005-2576 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

CaLogic 1.22, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) doclsqlres.php, (2) clmcpreload.php, (3) viewhistlog.php, (4) mcconfig.php, (5) doclsqlbak.php, (6) defcalsel.php, or (7) cl_minical.php, which reveals the path in an error message.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.