CVE-2004-2588 : Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote a

Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application.

Published 2004-12-31 05:00:00

Updated 2021-04-29 15:15:10

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2004-2588

Probability of exploitation activity in the next 30 days: 1.81%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-2588

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

Vendor statements for CVE-2004-2588

XMB 2021-04-23

XMB versions 1.9.8 and later were checked and are not vulnerable. Upgrades are available at https://www.xmbforum2.com/

References for CVE-2004-2588

Products affected by CVE-2004-2588

Xmb Software » Xmb Forum » Version: 1.9 Nexus Beta
cpe:2.3:a:xmb_software:xmb_forum:1.9_nexus_beta:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2004-2588

Exploit prediction scoring system (EPSS) score for CVE-2004-2588

CVSS scores for CVE-2004-2588

Vendor statements for CVE-2004-2588

References for CVE-2004-2588

Products affected by CVE-2004-2588