Sensitive Information Disclosure in Centrinity FirstClass 7.1 via URL Manipulation

Sensitive Information Disclosure in Centrinity FirstClass 7.1 via URL Manipulation

CVE-2003-1173 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory.

Learn more about our Web Application Penetration Testing UK.