Vulnerability Description
PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Powerportal | Powerportal | 1.1b |
References
- http://marc.info/?l=bugtraq&m=108844362627811&w=2
- http://www.securityfocus.com/bid/10622ExploitVendor Advisory
- http://www.swp-zone.org/archivos/advisory-07.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16529
- http://marc.info/?l=bugtraq&m=108844362627811&w=2
- http://www.securityfocus.com/bid/10622ExploitVendor Advisory
- http://www.swp-zone.org/archivos/advisory-07.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16529
FAQ
What is CVE-2004-0662?
CVE-2004-0662 is a vulnerability with a CVSS score of 5.0 (MEDIUM). PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error messag...
How severe is CVE-2004-0662?
CVE-2004-0662 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0662?
Check the references section above for vendor advisories and patch information. Affected products include: Powerportal Powerportal.