CVE-2006-7000

Headstart Solutions DeskPRO allows remote attackers to obtain the full path via direct requests to (1) email/mail.php, (2) includes/init.php, (3) certain files in includes/cron/, and (4) jpgraph.php, (5) jpgraph_bar.php, (6) jpgraph_pie.php, and (7) jpgraph_pie3d.php in includes/graph/, which leaks the path in error messages.

Published : 2007-02-12 17:28 Updated : 2008-09-05 21:16

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Headstart Solutions Deskpro 2.0.0 cpe:/a:headstart_solutions:deskpro:2.0.0
Headstart Solutions Deskpro 2.0.1 cpe:/a:headstart_solutions:deskpro:2.0.1
  1. Headstart Solutions (1) Search CVE
    1. Deskpro (2) Search CVE
      1. 2.0.0
      2. 2.0.1

CWE

There is no CWE for this CVE.

History of changes

Date Event
2007-02-12 17:28

New CVE