CVE-2005-3763

Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote attackers to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:exponent:exponent:0.94:*:*:*:*:*:*:*
cpe:2.3:a:exponent:exponent:0.95:*:*:*:*:*:*:*
cpe:2.3:a:exponent:exponent:0.96.1:*:*:*:*:*:*:*
cpe:2.3:a:exponent:exponent:0.96.3:*:*:*:*:*:*:*
cpe:2.3:a:exponent:exponent:0.96.4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:02

Type Values Removed Values Added
References () http://secunia.com/advisories/17505 - () http://secunia.com/advisories/17505 -
References () http://secunia.com/advisories/17655 - Vendor Advisory () http://secunia.com/advisories/17655 - Vendor Advisory
References () http://www.securityfocus.com/archive/1/417218 - Vendor Advisory () http://www.securityfocus.com/archive/1/417218 - Vendor Advisory

Information

Published : 2005-11-22 23:03

Updated : 2024-11-21 00:02


NVD link : CVE-2005-3763

Mitre link : CVE-2005-3763

CVE.ORG link : CVE-2005-3763


JSON object : View

Products Affected

exponent

  • exponent