Page 4 of 31 results (0.006 seconds)
CVSS: 7.8EPSS: 1%CPEs: 42EXPL: 0
CVSS: 7.8EPSS: 1%CPEs: 42EXPL: 0CVE-2009-0843
https://notcve.org/view.php?id=CVE-2009-0843
31 Mar 2009 — The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists. La función msLoadQuery mapserv en MapServer v4.x y anteriores, v4.10.4 y v5.x anteriores v5.2.2, permite a atacantes remotos determinar la existencia de ficheros a través de un Path completo en el parámetro queryfile, lo qu... • http://lists.osgeo.org/pipermail/mapserver-users/2009-March/060600.html • CWE-20: Improper Input Validation •