Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4072

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4072
Last Modified 15 Nov 2008 01:55:12
Published 30 Jul 2007 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4072

Summary

Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php.

Vulnerable Systems

Application

  • Tincan Webbler Cms 3.1.4


References

MISC - http://tincan.co.uk/?lid=1975

BUGTRAQ - 20070724 PR07-20: Webroot disclosure on Webbler CMS

MISC - http://www.procheckup.com/Vulner_2007.php

OSVDB - 38995


Last Updated: 27 May 2016 10:45:46