Critical severity9.8NVD Advisory· Published Jul 27, 2004· Updated Apr 16, 2026

CVE-2004-2061

Description

RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.

Affected products

Risearch/Risearch
cpe:2.3:a:risearch:risearch:1.0.01:*:*:*:*:*:*:*
Risearch/Risearch Pro
cpe:2.3:a:risearch:risearch_pro:3.2.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/10812nvdBroken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
secunia.com/advisories/12173nvdBroken LinkVendor Advisory
securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/16817nvdThird Party AdvisoryVDB Entry
marc.infonvdMailing List
www.osvdb.org/8265nvdBroken Link
www.osvdb.org/8266nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.012
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000