CVE-2004-2664

Name of the Vulnerable Software and Affected Versions John Lim ADOdb Library for PHP versions prior to 4.23

Description The issue allows remote attackers to obtain sensitive information via direct requests to certain scripts. This occurs when the ADODB DIR value is undefined, resulting in an error message that reveals the installation path.

Recommendations For versions prior to 4.23, update to version 4.23 or later to resolve the issue. As a temporary workaround, consider defining the ADODB DIR value to prevent the error message from revealing sensitive information. Restrict access to the affected scripts to minimize the risk of exploitation.