Vulnerabilities > CVE-2003-1089 - Unspecified vulnerability in PHPoutsourcing Zorum 3.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpoutsourcing
exploit available
Summary
index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | PHPOutsourcing Zorum 3.4 Path Disclosure Vulnerability. CVE-2003-1089. Webapps exploit for php platform |
| id | EDB-ID:23018 |
| last seen | 2016-02-02 |
| modified | 2003-08-11 |
| published | 2003-08-11 |
| reporter | Zone-h Security Team |
| source | https://www.exploit-db.com/download/23018/ |
| title | PHPOutsourcing Zorum 3.4 Path Disclosure Vulnerability |
References
- http://marc.info/?l=bugtraq&m=106063199925536&w=2
- http://marc.info/?l=bugtraq&m=106063199925536&w=2
- http://securitytracker.com/id?1013365
- http://securitytracker.com/id?1013365
- http://www.securityfocus.com/bid/8396
- http://www.securityfocus.com/bid/8396
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12868