Information Disclosure Vulnerability in Cacti 0.8.5a

Information Disclosure Vulnerability in Cacti 0.8.5a

CVE-2004-1736 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.

Learn more about our Web Application Penetration Testing UK.