CVE-2003-1535

Published: Dec 31, 2003Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message.

Affected (1)

Products: Justice Media: Guestbook

Justice Media

1 product

Guestbook

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Justice Media Guestbook	Version 1.3

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://secunia.com/advisories/8475

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/3347

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/316745/30/25280/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/7234

Source: cve@mitre.org

Exploit

http://www.securitytracker.com/id?1006412

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/8475