CVE-2005-4575

CVE-2005-4575 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.

Learn more about our Cis Benchmark Audit For Server Software.