Vulnerabilities > CVE-2004-2362 - Unspecified vulnerability in PHPx

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phpx

NVD

Published: 2004-12-31

Updated: 2024-02-14

Summary

PHPX 3.2.6 and earlier allows remote attackers to obtain the physical path of PHPX via a null or invalid value in the limit parameter, which leaks the pathname in a database error message, as demonstrated using forums.php.

Vulnerable Configurations

Part	Description	Count
Application	Phpx Phpx Phpx 3.2.4 Phpx Phpx 2.2.1 Phpx Phpx 3.2.5 Phpx Phpx 3.1.0 Phpx Phpx 3.1.2 Phpx Phpx 3.0.4 Phpx Phpx 3.0.0 Phpx Phpx 3.1.4 Phpx Phpx 3.0.2 Phpx Phpx 3.0.1 Phpx Phpx 3.0.6 Phpx Phpx 3.2.0 Phpx Phpx 1.0.10 Phpx Phpx 3.1.3 Phpx Phpx 3.2.2 Phpx Phpx 2.2.4 Phpx Phpx 2.1.0 Phpx Phpx 3.0.7 Phpx Phpx 2.2.3 Phpx Phpx 3.1.1 Phpx Phpx 3.2.6 Phpx Phpx 2.2.0 Phpx Phpx 3.2.3 Phpx Phpx 3.0.5 Phpx Phpx 3.2.1 Phpx Phpx 3.0.3 Phpx Phpx 1.0.7 Phpx Phpx 1.0.14	28

Summary

Vulnerable Configurations

References