Vulnerabilities > CVE-2004-1504 - Information Disclosure vulnerability in Salims Softhouse JAF CMS 3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to gain sensitive information via a blank show parameter, which reveals the installation path in an error message, as demonstrated using index.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |