CVE-2005-4384
Summary
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- NONE
References
Advisory Timeline
- Published