Unrated severityNVD Advisory· Published Dec 20, 2005· Updated Jun 16, 2026
CVE-2005-4384
CVE-2005-4384
Description
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
Affected products
2cpe:2.3:a:citysoft:community_enterprise:4.x:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:citysoft:community_enterprise:4.x:*:*:*:*:*:*:*
- (no CPE)range: 4.x
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.