Path Disclosure Vulnerability in redqueen.cgi

Path Disclosure Vulnerability in redqueen.cgi

CVE-2005-4405 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to obtain the full server path via invalid (1) yellowpage_id, (2) skin_id, (3) supplier_id, and (4) module parameters, which leaks the path in an error message.

Learn more about our Cis Benchmark Audit For Server Software.