Vulnerabilities > CVE-2006-3937 - Information Disclosure vulnerability in Xguestbook 1.02
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain sensitive information via a request without the (1) user, (2) mail, (3) p, or (4) url parameter, which reveals the installation path in an error message.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |