CVE-2004-0662 Information

Description

PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php which reveals the path in an error message.

Reference

http://marc.info/?l=bugtraq&m=108844362627811&w=2 http://www.securityfocus.com/bid/10622 http://www.swp-zone.org/archivos/advisory-07.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/16529