CVE-2004-0130

{"id": "CVE-2004-0130", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-03-03T05:00:00.000", "references": [{"url": "http://securitytracker.com/alerts/2004/Jan/1008844.html", "source": "cve@mitre.org"}, {"url": "http://www.netvigilance.com/advisory0001", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/6886", "source": "cve@mitre.org"}, {"url": "http://www.securiteam.com/unixfocus/5NP0M1PBPQ.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15128", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/alerts/2004/Jan/1008844.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.netvigilance.com/advisory0001", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/6886", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securiteam.com/unixfocus/5NP0M1PBPQ.html", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15128", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message."}, {"lang": "es", "value": "login.php en phpGedView 2.65 y anteriores permite a atacantes remotos obtener informaci\u00f3n sensible mediante una petici\u00f3n HTTP a login.php sin los par\u00e1metros requeridos de nombre de usaurio y contrase\u00f1a, lo que hace que se filtre informaci\u00f3n en el mensaje de error."}], "lastModified": "2024-11-20T23:47:50.280", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phpgedview:phpgedview:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C05501C0-BAF9-483E-A9CF-5F46D14E88FA", "versionEndIncluding": "2.65"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}