cbcvebase.
CVE-2003-0456
published 2003-08-18

CVE-2003-0456: VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the…

PriorityP412medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.76%
84.4th percentile
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe.

Affected

3 ranges
VendorProductVersion rangeFixed in
deerfieldvisnetic_website
deerfieldvisnetic_website
deerfieldvisnetic_website
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.