Information Disclosure Vulnerability in BadBlue 2.4

Information Disclosure Vulnerability in BadBlue 2.4

CVE-2004-2374 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML.

Learn more about our Cis Benchmark Audit For Server Software.