CVE-2004-0665

Description

csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.

Affected products

• cgiscript.net / csfaq
• cgiscript.net / csfaq1.0 – 1.0

References

• MISChttp://www.swp-zone.org/archivos/advisory-08.txt
• MAILING_LISThttp://marc.info/?l=bugtraq&m=108844203121238&w=2
• MISChttp://www.securityfocus.com/bid/10618
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16526