CVE-2004-2616
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
03/04/2025
Description
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.
Impact
Base Score 2.0
4.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:onnuri_infotek:activepost_standard:*:*:*:*:*:*:*:* | 3.1 (including) | |
| cpe:2.3:a:onnuri_infotek:activepost_standard:2.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:onnuri_infotek:activepost_standard:3.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://aluigi.altervista.org/adv/actp-adv.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0852.html
- http://marc.info/?l=bugtraq&%3Bm=109597139011373&%3Bw=2
- http://securitytracker.com/id?1011406=
- http://www.osvdb.org/10235
- http://aluigi.altervista.org/adv/actp-adv.txt
- http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0852.html
- http://marc.info/?l=bugtraq&%3Bm=109597139011373&%3Bw=2
- http://securitytracker.com/id?1011406=
- http://www.osvdb.org/10235