CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1953

phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.05

EPSS Ranking 89.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=108258931430060&w=2
http://secunia.com/advisories/11465
http://www.osvdb.org/5623
http://www.securityfocus.com/bid/10190
http://www.waraxe.us/index.php?modname=sa&id=21
https://exchange.xforce.ibmcloud.com/vulnerabilities/15930
http://marc.info/?l=bugtraq&m=108258931430060&w=2
http://secunia.com/advisories/11465
http://www.osvdb.org/5623
http://www.securityfocus.com/bid/10190
http://www.waraxe.us/index.php?modname=sa&id=21
https://exchange.xforce.ibmcloud.com/vulnerabilities/15930

Products affected by CVE-2004-1953

Phprofession » Phprofession » Version: 2.5

cpe:2.3:a:phprofession:phprofession:2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1953

Products

Pricing

Contact Us