← CVECheck
HomeVulnerabilities

CVE-2001-0947 — HIGH severity vulnerability (Forms.exe CGI program in ValiCert Enterprise Validation Auth)

Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.

CVE IDCVE-2001-0947
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-12-04
Last modified2026-04-16
DescriptionForms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →