CVE Vulnerabilities

CVE-2004-2575

Published: Dec 31, 2004 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain sensitive information via a direct request to (1) hook_admin.inc.php, (2) hook_home.inc.php, (3) class.holidaycalc.inc.php, and (4) setup.inc.php.sample, which reveals the path in an error message.

Affected Software

Name Vendor Start Version End Version
Phpgroupware Phpgroupware 0.9.16.000 0.9.16.000
Phpgroupware Phpgroupware 0.9.16.002 0.9.16.002
Phpgroupware Phpgroupware 0.9.16.003 0.9.16.003
Phpgroupware Phpgroupware 0.9.16.005 0.9.16.005

References