CVE-2004-2374

BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2374
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
working_resources_inc. / badblue	2.40	2.40.x

http://www.securityfocus.com/archive/1/355109
http://www.securityfocus.com/bid/9737
https://exchange.xforce.ibmcloud.com/vulnerabilities/15311

Vulnerability Database

289,697

CVE-2004-2374