Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-1572

Description

AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request.

Affected products

Aj Fork/Aj Fork
cpe:2.3:a:aj-fork:aj-fork:167:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

echo.or.id/adv/adv07-y3dips-2004.txtnvd
marc.infonvd
securitytracker.com/idnvd
www.securityfocus.com/bid/11301nvd
exchange.xforce.ibmcloud.com/vulnerabilities/17569nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000