CVE-2005-4575
Published 2005-12-29
Priority: P4 11 | medium | 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS: 1.43% (69.6th percentile)
PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paperthin | commonspot_content_server | <= 4.5 | — |
| paperthin | commonspot_content_server | — | — |
| paperthin | commonspot_content_server | — | — |
| paperthin | commonspot_content_server | — | — |
| paperthin | commonspot_content_server | — | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
http://secunia.com/advisories/18257
http://www.osvdb.org/21932
https://exchange.xforce.ibmcloud.com/vulnerabilities/23865