Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-2362
CVE-2004-2362
Description
PHPX 3.2.6 and earlier allows remote attackers to obtain the physical path of PHPX via a null or invalid value in the limit parameter, which leaks the pathname in a database error message, as demonstrated using forums.php.
Affected products
29cpe:2.3:a:phpx:phpx:1.0.10:*:*:*:*:*:*:*+ 28 more
- cpe:2.3:a:phpx:phpx:1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.6:*:*:*:*:*:*:*
- (no CPE)range: <=3.2.6
Patches
Vulnerability mechanics
References
6- www.phpx.org/project.phpnvdPatchURL Repurposed
- www.securityfocus.com/archive/1/362230nvdExploitVendor Advisory
- secunia.com/advisories/11554nvd
- securitytracker.com/idnvd
- www.osvdb.org/5906nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16064nvd
News mentions
0No linked articles in our index yet.