CVE-2006-1680

Properties

Published:
09.04.2006
Updated:
17.10.2006
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:H/Au:NR/C:P/I:N/A:N/B:N)
    Product:
    Jupiter CMS: Jupiter CMS

    Vulnerability description

    Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php.

    References:

    BUGTRAQ:http://www.securityfocus.com/archive/1/archive/1/430391/100/0/threaded