Vulnerability Description
askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Asksam Systems | Asksam Web Publisher | 1.0 |
References
- http://online.securityfocus.com/archive/82/270970
- http://www.ifrance.com/kitetoua/tuto/5holes4.txtVendor Advisory
- http://www.securityfocus.com/bid/4670Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9004
- http://online.securityfocus.com/archive/82/270970
- http://www.ifrance.com/kitetoua/tuto/5holes4.txtVendor Advisory
- http://www.securityfocus.com/bid/4670Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9004
FAQ
What is CVE-2002-1728?
CVE-2002-1728 is a vulnerability with a CVSS score of 5.0 (MEDIUM). askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveal...
How severe is CVE-2002-1728?
CVE-2002-1728 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1728?
Check the references section above for vendor advisories and patch information. Affected products include: Asksam Systems Asksam Web Publisher.