CVE-2008-1717

Published: Apr 9, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.

Affected (1)

Products: Woltlab: Burning Board

Woltlab

1 product

Burning Board

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Woltlab Burning Board	Version 3.0.5

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (14)

http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0161.html

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061271.html

Source: cve@mitre.org

http://secunia.com/advisories/29719

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/490560/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/490782/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/28678

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41713

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0161.html