Design/Logic Flaw

2006-03-0913:06:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.

CPENameOperatorVersion
aztek_forumeq4.0

CPE	Name	Operator	Version
	aztek_forum	eq	4.0

References

securityreason.com/securityalert/539

www.osvdb.org/23612

www.securityfocus.com/archive/1/426650/100/0/threaded

www.securityfocus.com/bid/16938

www.exploit-db.com/exploits/1547