CVE-2006-5651

Properties

Published:
06.11.2006
Updated:
09.11.2006
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:P/I:N/A:N/B:N)
    Product:
    DigiOz: DigiOz Guestbook

    Vulnerability description

    list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to obtain sensitive information via a non-numeric page parameter, which displays the installation path in the resulting error message.

    References:

    FULLDISC: http://marc.theaimsgroup.com/?l=full-disclosure&m=116288079420333&w=2
    http://www.netvigilance.com/advisory0006: http://www.netvigilance.com/advisory0006
    OSVDB: http://www.osvdb.org/29985
    BUGTRAQ: http://www.securityfocus.com/archive/1/450826/30/0/threaded