Vulnerabilities > CVE-2007-1236 - Information Disclosure vulnerability in SiteX
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
sitex allows remote attackers to obtain sensitive information via a request with a numerical value for the (1) sxMonth[] or (2) sxYear[] parameter to calendar.php, or the (3) page[] parameter to calendar_events.php, which reveals the path in various error messages.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |