Lucene search

[email protected]CVE-2004-0355

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0355

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0355

invision power board

remote attack

sensitive information disclosure

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON

Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for “Personal Photo” that is not an image file, which displays the installation path in an error message.

CPENameOperatorVersion
invision_power_services:invision_boardinvision power services invision boardeq1.3

CPE	Name	Operator	Version
invision_power_services:invision_board	invision power services invision board	eq	1.3

References

marc.info/?l=bugtraq&m=107850510428567&w=2

www.securityfocus.com/bid/9810

exchange.xforce.ibmcloud.com/vulnerabilities/15400

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.2%

JSON