CVE-2004-0662

medium

Description

PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16529

http://www.swp-zone.org/archivos/advisory-07.txt

http://marc.info/?l=bugtraq&m=108844362627811&w=2

Details

Source: Mitre, NVD

Published: 2004-08-06

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00477