CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2748

viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.068

EPSS Ranking 91.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/10689
http://securityreason.com/securityalert/3354
http://www.osvdb.org/3680
http://www.securityfocus.com/archive/1/350419/30/21610/threaded
http://www.securityfocus.com/bid/9460
http://www.securitytracker.com/id?1008799
http://secunia.com/advisories/10689
http://securityreason.com/securityalert/3354
http://www.osvdb.org/3680
http://www.securityfocus.com/archive/1/350419/30/21610/threaded
http://www.securityfocus.com/bid/9460
http://www.securitytracker.com/id?1008799

Products affected by CVE-2004-2748

Webtrends » Reporting Center » Version: 6.1a

cpe:2.3:a:webtrends:reporting_center:6.1a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2748

Products

Pricing

Contact Us