Vulnerabilities > Paperthin > Commonspot Content Server > 4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-29 | CVE-2005-4575 | Information Disclosure vulnerability in CommonSpot Content Server PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message. | 5.0 |
2005-12-29 | CVE-2005-4574 | Cross-Site Scripting vulnerability in PaperThin CommonSpot Content Server Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter. network paperthin | 4.3 |