ID CVE-2002-0266
Summary Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname.
References
Vulnerable Configurations
  • cpe:2.3:a:thunderstone_software:texis:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:thunderstone_software:texis:3.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2016 - 02:17)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 4035
bugtraq
  • 20020206 texis(CGI) Path Disclosure Vulnerability
  • 20020211 Re: texis(CGI) Path Disclosure Vulnerability
xf texis-cgi-information-disclosure(8103)
Last major update 18-10-2016 - 02:17
Published 29-05-2002 - 04:00
Last modified 18-10-2016 - 02:17
Back to Top