CVE-2001-1437

easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out.
Configurations

Configuration 1 (hide)

cpe:2.3:a:easyscripts:easynews:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2001-12-01 05:00

Updated : 2024-02-04 16:31


NVD link : CVE-2001-1437

Mitre link : CVE-2001-1437

CVE.ORG link : CVE-2001-1437


JSON object : View

Products Affected

easyscripts

  • easynews