header-logo
Suggest Exploit
vendor:
Content Management System
by:
SecurityFocus
3.3
CVSS
MEDIUM
Path Disclosure
200
CWE
Product Name: Content Management System
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Sage Content Management System Path Disclosure Vulnerability

Sage Content Management System contains a path disclosure vulnerability. When a request is made for a module that does not exist, the returned error message contains the full path to the Sage installation directory. Disclosed path information could be used to launch further attacks against the system.

Mitigation:

Ensure that the Sage Content Management System is configured to return generic error messages instead of disclosing the full path to the Sage installation directory.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6893/info

Sage Content Management System contains a path disclosure vulnerability. When a request is made for a module that does not exist, the returned error message contains the full path to the Sage installation directory.

Disclosed path information could be used to launch further attacks against the system. 

http://hostname/?mod=some_thing&op=browse

http://hostname/?mod=node&nid=some_thing&op=view

Navigation

Suggest Exploit

Services By CQR