Vulnerabilities > CVE-2005-4575 - Unspecified vulnerability in Paperthin Commonspot Content Server

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

paperthin

NVD

Published: 2005-12-29

Updated: 2024-11-21

Summary

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.

Vulnerable Configurations

Part	Description	Count
Application	Paperthin Paperthin Commonspot Content Server - Paperthin Commonspot Content Server 3.2 Paperthin Commonspot Content Server 2.5 Paperthin Commonspot Content Server 4.0 Paperthin Commonspot Content Server 3.0	5

References

http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
http://secunia.com/advisories/18257
http://secunia.com/advisories/18257
http://www.osvdb.org/21932
http://www.osvdb.org/21932
https://exchange.xforce.ibmcloud.com/vulnerabilities/23865
https://exchange.xforce.ibmcloud.com/vulnerabilities/23865