Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0130

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0130
Last Modified 05 Sep 2008 04:37:37
Published 03 Mar 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0130

Summary

login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message.

Vulnerable Systems

Application

  • Phpgedview 2.65


References

MISC - http://www.securiteam.com/unixfocus/5NP0M1PBPQ.html

XF - phpgedview-loginphp-path-disclosure(15128)

OSVDB - 6886

MISC - http://www.netvigilance.com/advisory0001

SECTRACK - 1008844


Last Updated: 27 May 2016 10:38:29