Vulnerabilities > CVE-2004-2196 - Unspecified vulnerability in Zanfi Solutions Zanfi CMS Lite 1.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://secunia.com/advisories/12792
- http://secunia.com/advisories/12792
- http://securitytracker.com/id?1011612
- http://securitytracker.com/id?1011612
- http://www.osvdb.org/10677
- http://www.osvdb.org/10677
- http://www.osvdb.org/10678
- http://www.osvdb.org/10678
- http://www.osvdb.org/10679
- http://www.osvdb.org/10679
- http://www.osvdb.org/10680
- http://www.osvdb.org/10680
- http://www.osvdb.org/10681
- http://www.osvdb.org/10681
- http://www.osvdb.org/10682
- http://www.osvdb.org/10682
- http://www.securityfocus.com/archive/1/378053
- http://www.securityfocus.com/archive/1/378053
- http://www.zanfi.nl/index1.php?flag=cmslite
- http://www.zanfi.nl/index1.php?flag=cmslite
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17687
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17687