CVE-2004-0066

Published: Feb 17, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) gdbi.php.

Affected (1)

Products: Phpgedview: Phpgedview

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpgedview Phpgedview	Up to 2.65

References (6)

http://marc.info/?l=bugtraq&m=107394912715478&w=2

Source: cve@mitre.org

http://www.osvdb.org/3464

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/14215

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107394912715478&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/3464

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/14215

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.