Lucene search
MitreCVE-2003-1089HistoryMar 07, 2005 - 5:00 a.m.
CVE-2003-1089
2005-03-0705:00:00
mitre
web.nvd.nist.gov
24
zorum
index.php
remote attackers
path disclosure
nvd
cve-2003-1089
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
7.2
Confidence
Low
EPSS
0.018
Percentile
88.3%
index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message.
Affected configurations
Node
phpoutsourcingzorumMatch3.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpoutsourcing | zorum | 3.4 | cpe:2.3:a:phpoutsourcing:zorum:3.4:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2003-1089
2003-12-31 05:00:00
exploitdb
exploitdb
PHPOutsourcing Zorum 3.4 - Full Path Disclosure
2003-08-11 00:00:00
cvelist
cvelist
CVE-2003-1089
2005-03-07 05:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
7.2
Confidence
Low
EPSS
0.018
Percentile
88.3%
Related for CVE-2003-1089