CVE-2006-1851
Summary
xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/index.cgi, probably due to invalid values.
- LOW
- NETWORK
- NONE
- NONE
- PARTIAL
- NONE
References
Advisory Timeline
- Published