CVE-2003-1535

Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message.

Published: Dec 31, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-1535
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
justice_media / guestbook	1.3	1.3.x

http://secunia.com/advisories/8475
http://securityreason.com/securityalert/3347
http://www.securityfocus.com/archive/1/316745/30/25280/threaded
http://www.securityfocus.com/bid/7234
http://www.securitytracker.com/id?1006412

Vulnerability Database

CVE-2003-1535