Vulnerabilities > CVE-2003-1316 - Path Disclosure vulnerability in eNdonesia Mod Parameter

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

endonesia

NVD

Published: 2003-12-31

Updated: 2017-07-29

Summary

mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Endonesia Endonesia Endonesia 8.2	1

References

http://secunia.com/advisories/9622
http://securitytracker.com/id?1007592
http://www.osvdb.org/3666
http://www.securityfocus.com/bid/8507
https://exchange.xforce.ibmcloud.com/vulnerabilities/13042