PowerPortal Path Dislcosure Network Vulnerability

Summary

The remote host is using PowerPortal, a content management system, written in PHP. A vulnerability exists in the remote version of this product which may allow a remote attacker to cause the product to disclose the path it is installed under. An attacker may use this flaw to gain more knowledge about the setup of the remote host, and therefore prepare better attacks.

Solution

Upgrade to the latest version of this software.

Severity

Classification

CVE CVE-2004-0662, CVE-2004-0664

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
Apache Tomcat Information Disclosure Vulnerability
Apple Safari Multiple Vulnerabilities
Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability

Take action and discover your vulnerabilities