XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message.
References
Configurations
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=104820295115420&w=2 - Exploit | |
References | () http://marc.info/?l=bugtraq&m=104887510828106&w=2 - | |
References | () http://secunia.com/advisories/8353 - Vendor Advisory | |
References | () http://www.security-corporation.com/index.php?id=advisories&a=011-FR - | |
References | () http://www.securityfocus.com/bid/7149 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11587 - |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:47
NVD link : CVE-2003-1550
Mitre link : CVE-2003-1550
CVE.ORG link : CVE-2003-1550
JSON object : View
Products Affected
xoops
- xoops
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor