Описание
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
EPSS
Процентиль: 65%
0.00483
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
EPSS
Процентиль: 65%
0.00483
Низкий