cbcvebase.
CVE-2004-2664
published 2004-12-31

CVE-2004-2664: John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an…

PriorityP46medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.18%
63.6th percentile
John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message.

Affected

16 ranges
VendorProductVersion rangeFixed in
debianlibphp-adodb< phppgadmin 4.0.1-2 (forky)phppgadmin 4.0.1-2 (forky)
debianphppgadmin< phppgadmin 4.0.1-2 (forky)phppgadmin 4.0.1-2 (forky)
john_limadodb<= 4.22
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
john_limadodb
phppgadmin_projectphppgadmin>= 0 < 4.0.1-24.0.1-2
phppgadmin_projectphppgadmin>= 0 < 4.0.1-24.0.1-2

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_debian5.0LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.