CVE-2004-1572

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request.

Affected (1)

Products: Aj Fork: Aj Fork

Aj Fork

1 product

Aj Fork

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Aj Fork Aj Fork	Version 167

References (10)

http://echo.or.id/adv/adv07-y3dips-2004.txt

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109664986210763&w=2

Source: cve@mitre.org

http://securitytracker.com/id?1011484

Source: cve@mitre.org

http://www.securityfocus.com/bid/11301

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/17569

Source: cve@mitre.org

http://echo.or.id/adv/adv07-y3dips-2004.txt