CVE-2009-2115

EUVD-2009-2111
admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter, which reveals the installation path in an error message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
skybluecanvasskybluecanvas
1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/35478
http://www.securityfocus.com/archive/1/504302/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/51164
http://secunia.com/advisories/35478
http://www.securityfocus.com/archive/1/504302/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/51164