Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1089


Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1089
Last Modified 05 Sep 2008 04:36:00
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message.

Vulnerable Systems


  • Phpoutsourcing Zorum 3.4


XF - zorum-index-path-disclosure(12868)

BID - 8396

SECTRACK - 1013365

BUGTRAQ - 20030811 ZH2003-22SA (security advisory): Zorum XSS Vulnerability and Path Disclosure

Last Updated: 27 May 2016 10:38:13