TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message.
References
Configurations
History
No history.
Information
Published : 2003-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2003-1409
Mitre link : CVE-2003-1409
CVE.ORG link : CVE-2003-1409
JSON object : View
Products Affected
ej3
- topo
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor