Lucene search

[email protected]NVD:CVE-2004-1974

HistoryApr 27, 2004 - 4:00 a.m.

CVE-2004-1974

2004-04-2704:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.005

Percentile

77.5%

JSON

paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.php, (8) file.php, (9) rate.php, or (10) stats.php, which reveals the path in an error message.

Affected configurations

Nvd

Node

php_arenapafiledbMatch3.1

VendorProductVersionCPE
php_arenapafiledb3.1cpe:2.3:a:php_arena:pafiledb:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_arena	pafiledb	3.1	cpe:2.3:a:php_arena:pafiledb:3.1:::::::*

References

marc.info/?l=bugtraq&m=108311096022485&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/15990

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

High

EPSS

0.005

Percentile

77.5%

JSON

Related for NVD:CVE-2004-1974

cvelist1 cve1