CVE-2001-1437

CVE-2001-1437 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out.

Learn more about our Web App Pen Testing.