Vulnerabilities > CVE-2005-2897 - Information Disclosure vulnerability in Stylemotion web News 1.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
WEB//NEWS 1.4 allows remote attackers to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |