SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter.
References
Configurations
Information
Published : 2005-01-09 21:00
Updated : 2017-07-10 18:30
NVD link : CVE-2004-1226
Mitre link : CVE-2004-1226
JSON object : View
CWE
Products Affected
sugarcrm
- sugarcrm