Vulnerabilities > CVE-2005-4384 - Remote Security vulnerability in Citysoft Community Enterprise 4.X
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |