Path Disclosure Vulnerability in Verity Ultraseek before 5.2.2

Path Disclosure Vulnerability in Verity Ultraseek before 5.2.2

CVE-2004-0050 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others.

Learn more about our Web App Pen Testing.