Vulnerability Description
Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xmb Software | Xmb Forum | 1.9_nexus_beta |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-03/0265.htmlVendor Advisory
- http://marc.info/?l=bugtraq&m=108032355905265&w=2
- http://securitytracker.com/id?1009561
- http://www.osvdb.org/4643
- http://www.securityfocus.com/bid/9983
- https://docs.xmbforum2.com/index.php?title=Security_Issue_History
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15656
- http://archives.neohapsis.com/archives/bugtraq/2004-03/0265.htmlVendor Advisory
- http://marc.info/?l=bugtraq&m=108032355905265&w=2
- http://securitytracker.com/id?1009561
- http://www.osvdb.org/4643
- http://www.securityfocus.com/bid/9983
- https://docs.xmbforum2.com/index.php?title=Security_Issue_History
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15656
FAQ
What is CVE-2004-2588?
CVE-2004-2588 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web se...
How severe is CVE-2004-2588?
CVE-2004-2588 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2588?
Check the references section above for vendor advisories and patch information. Affected products include: Xmb Software Xmb Forum.