Vulnerabilities > CVE-2003-1242 - Path Disclosure vulnerability in Sage Content Management System

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
sage
exploit available

Summary

Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message.

Vulnerable Configurations

Part Description Count
Application
Sage
1

Exploit-Db

descriptionSage 1.0 beta 3 Content Management System Path Disclosure Vulnerability. CVE-2003-1242. Remote exploit for windows platform
idEDB-ID:22269
last seen2016-02-02
modified2003-02-20
published2003-02-20
reportereuronymous
sourcehttps://www.exploit-db.com/download/22269/
titleSage 1.0 beta 3 Content Management System Path Disclosure Vulnerability