Path Disclosure Vulnerability in CONTENS 3.0 and Earlier via search.cfm Parameters
CVE-2005-4389 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtain the full server path via invalid (1) submit.y, (2) bool, (3) itemsperpage, (4) submit, (5) submit.x, (6) criteria, (7) advanced, and (8) intern parameters.
Learn more about our Cis Benchmark Audit For Server Software.