Lucene search

[email protected]NVD:CVE-2004-2296

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2296

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.7%

JSON

The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which generates an error message.

Affected configurations

NVD

Node

francisco_burziphp-nukeMatch6.0

francisco_burziphp-nukeMatch6.5

francisco_burziphp-nukeMatch6.5_beta1

francisco_burziphp-nukeMatch6.5_final

francisco_burziphp-nukeMatch6.5_rc1

francisco_burziphp-nukeMatch6.5_rc2

francisco_burziphp-nukeMatch6.5_rc3

francisco_burziphp-nukeMatch6.6

francisco_burziphp-nukeMatch6.7

francisco_burziphp-nukeMatch6.9

francisco_burziphp-nukeMatch7.0

francisco_burziphp-nukeMatch7.0_final

francisco_burziphp-nukeMatch7.1

francisco_burziphp-nukeMatch7.2

francisco_burziphp-nukeMatch7.3

References

secunia.com/advisories/11852

www.osvdb.org/7001

www.securityfocus.com/archive/1/365865

www.securityfocus.com/bid/10524

exchange.xforce.ibmcloud.com/vulnerabilities/16408

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for NVD:CVE-2004-2296

cve1 cvelist1