cbcvebase.
CVE-2005-4575
published 2005-12-29

CVE-2005-4575: PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a…

PriorityP411medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.43%
69.6th percentile
PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.

Affected

5 ranges
VendorProductVersion rangeFixed in
paperthincommonspot_content_server<= 4.5
paperthincommonspot_content_server
paperthincommonspot_content_server
paperthincommonspot_content_server
paperthincommonspot_content_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.