CVE-2007-4072

Published: Jul 30, 2007Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php.

Affected (1)

Products: Tincan: Webbler Cms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tincan Webbler Cms	Up to 3.1.4

References (8)

http://osvdb.org/38995

Source: cve@mitre.org

http://tincan.co.uk/?lid=1975

Source: cve@mitre.org

Patch

http://www.procheckup.com/Vulner_2007.php

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/474530/100/0/threaded

Source: cve@mitre.org

http://osvdb.org/38995

Source: af854a3a-2127-422b-91ae-364da2661108

http://tincan.co.uk/?lid=1975

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.procheckup.com/Vulner_2007.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/474530/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.