CVE-2004-1528

Sažetak

The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php, (2) index.php, or (3) submit.php, which reveal the full path in an error message.

Reference

http://marc.info/?l=bugtraq&m=110064626111756&w=2
http://secunia.com/advisories/13213
http://www.securityfocus.com/bid/11693
http://www.waraxe.us/index.php?modname=sa&id=38
https://exchange.xforce.ibmcloud.com/vulnerabilities/18105

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:31

Objavljeno

31-12-2004 - 05:00