CVE-2005-4405

Name of the Vulnerable Software and Affected Versions Red Queen versions 1.02 and earlier

Description The issue allows remote attackers to obtain the full server path via invalid parameters, including yellowpage id, skin id, supplier id, and module, which leaks the path in an error message.

Recommendations For Red Queen versions 1.02 and earlier, consider restricting access to the redqueen.cgi script until a fix is available. As a temporary workaround, avoid using invalid parameters in the affected script to minimize the risk of path disclosure.