Information Disclosure Vulnerability in eNdonesia CMS 8.3
CVE-2004-2671

Currently unrated

Key Information:

Vendor: Endonesia
Status: Endonesia
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2671?

The eNdonesia CMS version 8.3 contains a vulnerability in the mod.php file that allows remote attackers to obtain sensitive information. Malicious entities can exploit certain direct requests and requests with malformed parameters to unveil file paths, which are inadvertently exposed through error messages. This vulnerability can lead to unauthorized access to the backend structure of the application, increasing the risk profile for users and administrators.

References

http://www.securityfocus.com/archive/1/370855

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/12231

third-party-advisoryx_refsource_SECUNIA

http://echo.or.id/adv/adv02-y3dips-2004.txt

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jan 4, 2007
Vulnerability published
Dec 31, 2004

CVE-2004-2671 Data

JSON

Endonesia

What is CVE-2004-2671?

References

Timeline