Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2671

Description

mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive information via certain direct requests, and certain requests with invalid parameter values, which reveal the path in various error messages, as demonstrated by the (1) mod and (2) cid parameters.

Affected products

Endonesia/Endonesia
cpe:2.3:a:endonesia:endonesia:8.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

echo.or.id/adv/adv02-y3dips-2004.txtnvdExploitVendor Advisory
www.securityfocus.com/archive/1/370855nvdExploitVendor Advisory
www.securityfocus.com/bid/8507nvdExploitVendor Advisory
secunia.com/advisories/12231nvdVendor Advisory
securitytracker.com/idnvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/13042nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000