Vulnerabilities > CVE-2006-2886 - Unspecified vulnerability in JAM Warehouse Knowledgetree Open Source 3.0.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full installation path via a crafted fDocumentId parameter, which displays the path in the resulting error message. NOTE: this might be resultant from another vulnerability, since this vector also produces XSS.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://pridels0.blogspot.com/2006/06/knowledgetree-open-source-xss-vuln.html
- http://pridels0.blogspot.com/2006/06/knowledgetree-open-source-xss-vuln.html
- http://www.osvdb.org/26297
- http://www.osvdb.org/26297
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26943