2 matches found
CVE-2004-1953
phProfession 2.5 is affected by CVE-2004-1953. The issue allows remote attackers to gain sensitive information by making a direct HTTP request to upload.php, which results in a PHP error message that reveals the file path. The NVD entry lists a Base Score of 5.0 (Medium) with Network attack vecto...
CVE-2004-1953
phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message...