CVE-2004-2671

Name of the Vulnerable Software and Affected Versions eNdonesia version 8.3

Description The issue allows remote attackers to obtain sensitive information via certain direct requests and requests with invalid parameter values, which reveal the path in various error messages. This is demonstrated by the mod and cid parameters.

Recommendations For eNdonesia version 8.3, consider restricting access to the mod.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the mod and cid parameters in requests to the mod.php file until the issue is resolved.