Lucene search
HistoryDec 17, 2005 - 11:03 a.m.
CVE-2005-4320
cve-2005-4320
limbo cms
information security
installation path leakage
remote attack
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.031 Low
EPSS
Percentile
90.9%
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the application via a direct request to (1) doc.inc.php, (2) element.inc.php, and (3) node.inc.php, which leaks the path in an error message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| limbo_cms:limbo_cms | limbo cms | le | 1.0.4.2 |
Related
openvas
openvas
Limbo CMS Multiple Vulnerabilities
2006-03-26 00:00:00
Limbo CMS Multiple Vulnerabilities
2006-03-26 00:00:00
nessus
nessus
Limbo CMS Multiple Vulnerabilities
2006-01-30 00:00:00
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.031 Low
EPSS
Percentile
90.9%
Related for CVE-2005-4320