CVE-2004-2664

5 documents5 sources
Severity
5.0MEDIUM
EPSS
0.3%
top 42.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
John LIM Adodb
Timeline
PublishedDec 31
Latest updateApr 29

Description

John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDjohn_lim/adodb4.22+11
Debianphppgadmin< 4.0.1-2+1

Patches

Patch: phplens.comPatch: phplens.com

🔴Vulnerability Details

3
GHSA
GHSA-c36f-rpx7-9qq3: John Lim ADOdb Library for PHP before 42022-04-29
CVEList
CVE-2004-2664: John Lim ADOdb Library for PHP before 42006-09-07
OSV
CVE-2004-2664: John Lim ADOdb Library for PHP before 42004-12-31

📋Vendor Advisories

1
Debian
CVE-2004-2664: libphp-adodb - John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sen...2004
CVE-2004-2664 (MEDIUM CVSS 5) | John Lim ADOdb Library for PHP befo | cvebase.io