CVE-2004-2588

Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2004-03/0265.html	Vendor Advisory
http://www.securityfocus.com/bid/9983
http://www.osvdb.org/4643
http://securitytracker.com/id?1009561
http://marc.info/?l=bugtraq&m=108032355905265&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15656
https://docs.xmbforum2.com/index.php?title=Security_Issue_History

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:xmb_software:xmb_forum:1.9_nexus_beta:*:*:*:*:*:*:*

Information

Published : 2004-12-30 21:00

Updated : 2021-04-29 08:15

NVD link : CVE-2004-2588

Mitre link : CVE-2004-2588

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

xmb_software

xmb_forum

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2004-03/0265.html", "name": "20040326 [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]", "tags": ["Vendor Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/9983", "name": "9983", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/4643", "name": "4643", "tags": [], "refsource": "OSVDB"}, {"url": "http://securitytracker.com/id?1009561", "name": "1009561", "tags": [], "refsource": "SECTRACK"}, {"url": "http://marc.info/?l=bugtraq&m=108032355905265&w=2", "name": "20040326 [waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 Partagium SP3 and 1.9 Nexus Beta]", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15656", "name": "xmb-phpinfo-obtain-information(15656)", "tags": [], "refsource": "XF"}, {"url": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History", "name": "https://docs.xmbforum2.com/index.php?title=Security_Issue_History", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-2588", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-12-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:xmb_software:xmb_forum:1.9_nexus_beta:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-04-29T15:15Z"}