Security Advisory

CVE-2005-2897

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-09-14 04:00:00

Last updated 2024-08-07 22:53:29

Assigner mitre

State PUBLISHED

Description

WEB//NEWS 1.4 allows remote attackers to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php.

← Browse all CVEs View on cve.org ↗