CVE-2004-1226

2004-12-1505:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter.