PT-2005-2751 · Unknown · Bookreview

Lostmon · Published 2005-05-31 · Updated 2008-09-10 · CVE-2005-1783

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: BookReview version 1.0

Description: The issue allows remote attackers to obtain the path of the web server via certain parameters to "search.htm". This is possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message.

Recommendations: For BookReview version 1.0, as a temporary workaround, consider restricting access to the "search.htm" endpoint until a patch is available. Avoid using the search[string] parameter and submit[type] value in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit


Related identifiers

CVE-2005-1783

Affected products

Bookreview