CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1203

parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html
http://marc.info/?l=bugtraq&m=110149207123510&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/18272
https://exchange.xforce.ibmcloud.com/vulnerabilities/18279
http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html
http://marc.info/?l=bugtraq&m=110149207123510&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/18272
https://exchange.xforce.ibmcloud.com/vulnerabilities/18279

Products affected by CVE-2004-1203

Phpcms » Phpcms » Version: 1.1.9

cpe:2.3:a:phpcms:phpcms:1.1.9
Phpcms » Phpcms » Version: 1.2.0

cpe:2.3:a:phpcms:phpcms:1.2.0
Phpcms » Phpcms » Version: 1.2.1

cpe:2.3:a:phpcms:phpcms:1.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1203

Products

Pricing

Contact Us