CVE-2004-1226

Published: Jan 10, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter.

Affected (1)

Products: Sugarcrm: Sugarcrm

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sugarcrm Sugarcrm	Up to 2.0.1c

References (4)

http://marc.info/?l=bugtraq&m=110295433323795&w=2

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/18447

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110295433323795&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/18447

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.