CVE-2009-2115

SkyBlueCanvas 1.1 r237 - Info Disclosure

Title source: llm
STIX 2.1

Description

admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter, which reveals the installation path in an error message.

References (3)

Core 3
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35478
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/51164
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504302/100/0/threaded

Scores

EPSS 0.0113
EPSS Percentile 62.5%

Details

CWE
CWE-200
Status published
Products (1)
skybluecanvas/skybluecanvas 1.1
Published Jun 18, 2009
Tracked Since Feb 18, 2026