CVE-2004-1203 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-1203

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web servers installation path.

Affected Software

Name	Vendor	Start Version	End Version
Phpcms	Phpcms	1.1.9 (including)	1.1.9 (including)
Phpcms	Phpcms	1.2.0 (including)	1.2.0 (including)
Phpcms	Phpcms	1.2.1 (including)	1.2.1 (including)

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html
http://marc.info/?l=bugtraq\u0026m=110149207123510\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/18272
https://exchange.xforce.ibmcloud.com/vulnerabilities/18279
http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html
http://marc.info/?l=bugtraq\u0026m=110149207123510\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/18272
https://exchange.xforce.ibmcloud.com/vulnerabilities/18279