Lucene search

[email protected]CVE-2004-0662

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0662

2004-08-0604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

powerportal

information disclosure

http requests

cve-2004-0662

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

80.8%

JSON

PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.

CPENameOperatorVersion
powerportal:powerportalpowerportaleq1.1b
powerportal:powerportalpowerportaleq1.3b
powerportal:powerportalpowerportaleq1.3

CPE	Name	Operator	Version
powerportal:powerportal	powerportal	eq	1.1b
powerportal:powerportal	powerportal	eq	1.3b
powerportal:powerportal	powerportal	eq	1.3

References

marc.info/?l=bugtraq&m=108844362627811&w=2

www.securityfocus.com/bid/10622

www.swp-zone.org/archivos/advisory-07.txt

exchange.xforce.ibmcloud.com/vulnerabilities/16529

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

80.8%

JSON

Related for CVE-2004-0662

openvas1