CVE-2005-4384 in Community Enterpriseinfo

Summary

CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.

Once again VulDB remains the best source for vulnerability data.

Reservation

12/20/2005

Disclosure

12/19/2005

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

6.5

EPSS

0.00483

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-4384
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4384
CVE Details	https://www.cvedetails.com/cve/CVE-2005-4384/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!