CVE-2002-2288 in Site Serverinfo

Summary

Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

10/17/2007

Disclosure

12/31/2002

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200 (Confirmed)

Exploit

Download

CVSS

5.3

EPSS

0.05265

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-2288
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-2288
CVE Details	https://www.cvedetails.com/cve/CVE-2002-2288/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!