Information Disclosure Vulnerability in PowerPortal 1.x via Invalid or Missing Parameters
CVE-2004-0662 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.
Learn more about our Web Application Penetration Testing UK.