CVE-2004-2664

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message.

Affected (12)

Products: John Lim: Adodb

John Lim

1 product

Adodb

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
John Lim Adodb	Up to 4.22
John Lim Adodb	Version 3.94
John Lim Adodb	Version 4.00
John Lim Adodb	Version 4.01
John Lim Adodb	Version 4.02
John Lim Adodb	Version 4.03
John Lim Adodb	Version 4.04
John Lim Adodb	Version 4.05
John Lim Adodb	Version 4.10
John Lim Adodb	Version 4.11
John Lim Adodb	Version 4.20
John Lim Adodb	Version 4.21

References (2)

http://phplens.com/lens/adodb/docs-adodb.htm#changes

Source: cve@mitre.org

Patch

http://phplens.com/lens/adodb/docs-adodb.htm#changes

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.