Vulnerabilities > CVE-2004-2671 - Unspecified vulnerability in Endonesia 8.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive information via certain direct requests, and certain requests with invalid parameter values, which reveal the path in various error messages, as demonstrated by the (1) mod and (2) cid parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://echo.or.id/adv/adv02-y3dips-2004.txt
- http://echo.or.id/adv/adv02-y3dips-2004.txt
- http://secunia.com/advisories/12231
- http://secunia.com/advisories/12231
- http://securitytracker.com/id?1010864
- http://securitytracker.com/id?1010864
- http://www.securityfocus.com/archive/1/370855
- http://www.securityfocus.com/archive/1/370855
- http://www.securityfocus.com/bid/8507
- http://www.securityfocus.com/bid/8507
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13042