CVE-2003-1555

ScozBook 1.1 BETA - Exposure of Sensitive Information via Invalid PG Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1555. PoCs published by euronymous.

AI-analyzed exploit summary The provided text describes a path disclosure vulnerability in ScozBook's view.php script, where a request with a specific parameter exposes sensitive filesystem information. This is an information leak vulnerability rather than a full exploit.

Description

ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message.

Exploits (1)

exploitdb WRITEUP VERIFIED

by euronymous · textwebappsphp

https://www.exploit-db.com/exploits/22445

View Code ZIP pw:eip

The provided text describes a path disclosure vulnerability in ScozBook's view.php script, where a request with a specific parameter exposes sensitive filesystem information. This is an information leak vulnerability rather than a full exploit.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: ScozBook (version unspecified)

No auth needed

Prerequisites: Access to the target web server

MITRE ATT&CK