Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026
CVE-2004-2362
CVE-2004-2362
Description
PHPX 3.2.6 and earlier allows remote attackers to obtain the physical path of PHPX via a null or invalid value in the limit parameter, which leaks the pathname in a database error message, as demonstrated using forums.php.
Affected products
28cpe:2.3:a:phpx:phpx:1.0.7:*:*:*:*:*:*:*+ 27 more
- cpe:2.3:a:phpx:phpx:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpx:phpx:3.2.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.phpx.org/project.phpnvdPatchURL Repurposed
- www.securityfocus.com/archive/1/362230nvdExploitVendor Advisory
- secunia.com/advisories/11554nvd
- securitytracker.com/idnvd
- www.osvdb.org/5906nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16064nvd
News mentions
0No linked articles in our index yet.