CVE-2004-1723

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message.

Affected (1)

Products: Php Fusion: Php Fusion

Php Fusion

1 product

Php Fusion

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Php Fusion Php Fusion	Version 4.00

References (4)

http://marc.info/?l=bugtraq&m=109285292901685&w=2

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/17036

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109285292901685&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/17036

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.