CVE-2005-4575
PaperThin CommonSpot Content Server 4.5 and earlier is affected. An attacker can trigger an error by passing an invalid errmsg parameter to loader.cfm with the url parameter set to email-login-info.cfm, causing the full filesystem pathname to be exposed in the error message. The vulnerability lea...