← Zuruck zu CVEs
CVE-2004-1385
N/ABeschreibung
phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain sensitive information via (1) unexpected characters in the session ID such as shell metacharacters, (2) an invalid appname parameter to preferences.php or (3) an invalid menuaction parameter to index.php, which reveals the web server path in an error message.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht12/31/2004
Zuletzt geandert4/16/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
phpgroupware:phpgroupware
Referenzen
http://marc.info/?l=bugtraq&m=110312656029072&w=2(cve@mitre.org)
http://www.gentoo.org/security/en/glsa/glsa-200501-08.xml(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18497(cve@mitre.org)
http://marc.info/?l=bugtraq&m=110312656029072&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200501-08.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.gulftech.org/?node=research&article_id=00054-12142004(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18497(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.