CVE-2004-0662

PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.

Published: Aug 6, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0662
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
powerportal / powerportal	1.1b	1.1b.x
powerportal / powerportal	1.3b	1.3b.x
powerportal / powerportal	1.3	1.3.x

http://marc.info/?l=bugtraq&m=108844362627811&w=2
http://www.securityfocus.com/bid/10622
http://www.swp-zone.org/archivos/advisory-07.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/16529

Vulnerability Database

289,697

CVE-2004-0662