CVE-2004-0665

high

Description

csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16526

http://www.swp-zone.org/archivos/advisory-08.txt

http://marc.info/?l=bugtraq&m=108844203121238&w=2

Details

Source: Mitre, NVD

Published: 2004-08-06

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

Detections

Analytics