← CVECheck
HomeVulnerabilities

CVE-2003-0456 — MEDIUM severity vulnerability (VisNetic WebSite 3.5 allows remote attackers to obtain the f)

VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe.

CVE IDCVE-2003-0456
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWECWE-200
StatusModified
Published2003-08-18
Last modified2026-04-16
DescriptionVisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →