CVE-2008-4164

Published Sep 22, 2008

Last updated 7 years ago

Overview

Description: cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.6
Impact score: 2.9
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:memht:memht_portal:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6360500-42EE-4B5E-BAF8-5D50359AEC4A",
            "versionEndIncluding": "3.9.0"
          },
          {
            "criteria": "cpe:2.3:a:memht:memht_portal:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68C9DAD4-3EC1-4EAF-9615-12D74D8B2249"
          },
          {
            "criteria": "cpe:2.3:a:memht:memht_portal:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90EC849C-194B-4F34-BAC8-448E0BF9AB1D"
          },
          {
            "criteria": "cpe:2.3:a:memht:memht_portal:3.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4563E7A1-66B4-425B-8AEC-3F7C222BCA50"
          },
          {
            "criteria": "cpe:2.3:a:memht:memht_portal:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB08C1CB-F9AB-456D-981D-23F1EC87030C"
          },
          {
            "criteria": "cpe:2.3:a:memht:memht_portal:3.8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85F80D85-2857-4653-97B7-0DA5127364AF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References