Vulnerability Description
modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oscar Fafian | Video Gallery | 0.1_beta_5 |
References
- http://marc.info/?l=bugtraq&m=108308660628557&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15978
- http://marc.info/?l=bugtraq&m=108308660628557&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15978
FAQ
What is CVE-2004-1971?
CVE-2004-1971 is a vulnerability with a CVSS score of 5.0 (MEDIUM). modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the f...
How severe is CVE-2004-1971?
CVE-2004-1971 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1971?
Check the references section above for vendor advisories and patch information. Affected products include: Oscar Fafian Video Gallery.