CVE-2004-2009

2004-05-08T04:00:00
ID CVE-2004-2009
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an invalid cat parameter in a CatView function, which reveals the path in a PHP error message.