Sensitive Information Disclosure in Exponent CMS 0.96.3 and Later Versions

Sensitive Information Disclosure in Exponent CMS 0.96.3 and Later Versions

CVE-2005-3763 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote attackers to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability.

Learn more about our Cms Pen Testing.