CVE-2005-4017

Medium

5/10

Summary

property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Dec 05, 2005

CVE-2005-4017

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS