Sensitive Information Disclosure in WebCalendar's validate.php

CVE-2004-1509 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message.

Learn more about our Web App Pen Testing.