3 matches found
CVE-2003-1555
ScozNet ScozBook 1.1 BETA is affected by a vulnerability in view.php where an invalid PG parameter triggers an error message that reveals the installation path, causing information disclosure. Affected component: ScozBook web frontend (view.php). Root cause: improper handling of the PG parameter ...
CVE-2003-1555
ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message...
ScozBook scozbook/add.php Multiple Parameter XSS
The remote host is running ScozBook This set of CGI has two vulnerabilities : - It is vulnerable to cross-site scripting attacks in add.php - If the user requests view.php with a crafted PG Variable, he will obtain the physical path of the remote CGI An attacker may use these flaws to steal the...