|Title:||BroadVision Physical Path Disclosure Vulnerability|
BroadVision will reveal the physical path of the
webroot when asked for a non-existent .jsp file
if it is incorrectly configured. Whilst printing errors
to the output is useful for debugging applications, this
feature should not be enabled on production servers.
Solution : There was no solution ready when this vulnerability was written
Please contact the vendor for updates that address this vulnerability.
Risk factor : Low
BugTraq ID: 2088|
Common Vulnerability Exposure (CVE) ID: CVE-2001-0031
Bugtraq: 20001207 BroadVision One-To-One Enterprise Path Disclosure Vulnerability (Google Search)
XForce ISS Database: broadvision-bv1to1-reveal-path(5661)
|Copyright||This script is Copyright (C) 2001 Renaud Deraison|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.