BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-05-31T04:00:00

Updated: 2024-08-07T21:59:24.177Z

Reserved: 2005-05-31T00:00:00

Link: CVE-2005-1783

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-05-31T04:00:00.000

Modified: 2024-11-20T23:58:07.610

Link: CVE-2005-1783

cve-icon Redhat

No data.