PT-2001-2530 · Easy Scripts · Easyscripts Easynews

Published: 2001-12-01 · Updated: 2017-07-11 · CVE-2001-1437

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: easyScripts easyNews version 1.5

Description: The issue allows remote attackers to obtain the full path of the web root. This is achieved via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out.

Recommendations: For easyScripts easyNews version 1.5, consider validating the news message id field to ensure it only accepts integer values to prevent path leakage. As a temporary workaround, consider disabling the view request functionality for non-integer news message id fields until a patch is available.
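
The integer check recommended above, as an added example (not easyNews code and not part of the original advisory). The parameter name id, the function names parse_news_id and handle_view, and the positive-integer range are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper: parse a news message id from raw request input.
 * Returns the id as an int, or null when the value is not a plain
 * positive decimal integer.
 */
function parse_news_id($raw): ?int
{
    // id[]=1 arrives as an array, a missing parameter as null: reject both.
    if (!is_string($raw)) {
        return null;
    }
    // Digits only, no sign, no whitespace, no leading zero, no "1e3" or "12abc".
    if (preg_match('/\A[1-9][0-9]*\z/', $raw) !== 1) {
        return null;
    }
    // FILTER_VALIDATE_INT returns false for values that overflow a PHP int.
    $id = filter_var($raw, FILTER_VALIDATE_INT);
    return $id === false ? null : $id;
}

/**
 * Hypothetical view handler: rejects bad ids before any lookup runs, so the
 * request never reaches code that could time out and emit a PHP error.
 * Returns [HTTP status, body]; the 400 body is a fixed string with no path.
 */
function handle_view(array $query): array
{
    $id = parse_news_id($query['id'] ?? null);
    if ($id === null) {
        return [400, 'Invalid news message id'];
    }
    return [200, "news message $id"]; // placeholder for the real lookup
}

// Constructed sample inputs, not taken from the advisory.
$samples = ['42', '12abc', '1e3', '', ' 7', '-1', '007',
            '99999999999999999999', ['1'], null];
foreach ($samples as $s) {
    [$status, $body] = handle_view(['id' => $s]);
    printf("%-26s => %d %s\n", json_encode($s), $status, $body);
}
```

Only the first sample is accepted; every other value gets the same fixed 400 response.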


Related Identifiers

CVE-2001-1437

Affected Products

Easyscripts Easynews