CVE-2004-1990

high

Description

Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16047

http://www.osvdb.org/5880

http://marc.info/?l=bugtraq&m=108360629031227&w=2

Details

Source: Mitre, NVD

Published: 2004-03-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00871

Detections

Analytics