Summary
The CGI 'sgdynamo.exe' can be tricked into giving the physical path to the remote web root.
This information may be useful to an attacker who can use it to make better attacks against the remote server.
Solution
None at this time
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat Information Disclosure Vulnerability
- Apache Struts2 showcase namespace XSS Vulnerability
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities