CVE-2004-1736

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2004-1736

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2004-1736.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2004-1736

Downstream

DEBIAN-CVE-2004-1736

Published

2004-12-31T05:00:00Z

Modified

2026-04-10T03:36:40.657460Z

Summary

[none]

Details

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) authlogin.php, (3) authchangepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html
http://secunia.com/advisories/12308
http://marc.info/?l=bugtraq&m=109272483621038&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/17014

CVE-2004-1736

Affected packages