Vulnerability Description
csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cgiscript.Net | Csfaq | All versions |
References
- http://marc.info/?l=bugtraq&m=108844203121238&w=2
- http://www.securityfocus.com/bid/10618ExploitVendor Advisory
- http://www.swp-zone.org/archivos/advisory-08.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16526
- http://marc.info/?l=bugtraq&m=108844203121238&w=2
- http://www.securityfocus.com/bid/10618ExploitVendor Advisory
- http://www.swp-zone.org/archivos/advisory-08.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16526
FAQ
What is CVE-2004-0665?
CVE-2004-0665 is a vulnerability with a CVSS score of 5.0 (MEDIUM). csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.
How severe is CVE-2004-0665?
CVE-2004-0665 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0665?
Check the references section above for vendor advisories and patch information. Affected products include: Cgiscript.Net Csfaq.