CVE-2003-1409

Name of the Vulnerable Software and Affected Versions TOPo version 1.43

Description The issue allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to API endpoints such as "in.php" or "out.php". This action reveals the path to the TOPo directory in the error message.

Recommendations For TOPo version 1.43, consider restricting access to the "in.php" and "out.php" API endpoints until a patch is available. As a temporary workaround, avoid using invalid parameters in requests to these endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.