Information Disclosure Vulnerability in PowerPortal 1.x via Invalid or Missing Parameters

CVE-2004-0662 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.

Learn more about our Web Application Penetration Testing UK.