CVE-2008-1717

WoltLab Community Framework <1.0.6 - Info Disclosure

Title source: llm
STIX 2.1

Description

WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28678
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41713
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29719
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490782/100/0/threaded
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0161.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490560/100/0/threaded
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061271.html

Scores

EPSS 0.0149
EPSS Percentile 71.1%

Details

CWE
CWE-200
Status published
Products (1)
woltlab/burning_board 3.0.5
Published Apr 09, 2008
Tracked Since Feb 18, 2026