Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0066

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0066
Last Modified 05 Sep 2008 04:37:24
Published 17 Feb 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0066

Summary

phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) gdbi.php.

Vulnerable Systems

Application

  • Phpgedview 2.65


References

BUGTRAQ - 20040112 More phpGedView Vulnerabilities

XF - phpgedview-path-disclosure(14215)

OSVDB - 3464


Last Updated: 27 May 2016 10:38:27