CVE-2004-2671

CVE-2004-2671

EPSS 1.6%

mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive information via certain direct requests, and certain requests with invalid parameter values, which reveal the path in various error messages, as demonstrated by the (1) mod and (2) cid parameters.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://echo.or.id/adv/adv02-y3dips-2004.txt http://secunia.com/advisories/12231 http://securitytracker.com/id?1010864 https://exchange.xforce.ibmcloud.com/vulnerabilities/13042 http://www.securityfocus.com/archive/1/370855 http://www.securityfocus.com/bid/8507