Lucene search

[email protected]CVE-2004-2588

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2588

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2588

information security

xmb

phpinfo.php

configuration leak

remote attack

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.018 Low

EPSS

Percentile

88.0%

JSON

Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application.

CPENameOperatorVersion
xmb_software:xmb_forumxmb software xmb forumeq1.9_nexus_beta

CPE	Name	Operator	Version
xmb_software:xmb_forum	xmb software xmb forum	eq	1.9_nexus_beta

References

archives.neohapsis.com/archives/bugtraq/2004-03/0265.html

marc.info/?l=bugtraq&m=108032355905265&w=2

securitytracker.com/id?1009561

www.osvdb.org/4643

www.securityfocus.com/bid/9983

docs.xmbforum2.com/index.php?title=Security_Issue_History

exchange.xforce.ibmcloud.com/vulnerabilities/15656

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.018 Low

EPSS

Percentile

88.0%

JSON