CVE-2008-1717

WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.

Published: Apr 9, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1717
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
woltlab / burning_board	3.0.5	3.0.5.x

http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0161.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061271.html
http://secunia.com/advisories/29719
http://www.securityfocus.com/archive/1/490560/100/0/threaded
http://www.securityfocus.com/archive/1/490782/100/0/threaded
http://www.securityfocus.com/bid/28678
https://exchange.xforce.ibmcloud.com/vulnerabilities/41713

Vulnerability Database

289,784

CVE-2008-1717