CVE-2005-3017

2022-10-0316:22:38

mitre

www.cve.org

vulnerability

content2web

remote attackers

arbitrary files

path disclosure

sql error messages

cross-site scripting

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.2%

JSON

PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).

References

securitytracker.com/id?1014900