Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2288


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-2288
Last Modified 05 Sep 2008 04:32:49
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.

Vulnerable Systems


  • Mambo Site Server 4.0.11


BID - 6387

XF - mambo-index-path-disclosure(10856)

BUGTRAQ - 20021212 Multiple Mambo Site Server sec-weaknesses

Last Updated: 27 May 2016 10:37:41