Sensitive Information Disclosure in Centrinity FirstClass 7.1 via URL Manipulation
CVE-2003-1173 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory.
Learn more about our Web Application Penetration Testing UK.