What is the severity of CVE-2002-2288?

CVE-2002-2288 is considered a moderate severity vulnerability due to potential information disclosure.

How do I fix CVE-2002-2288?

To fix CVE-2002-2288, update Mambo Site Server to a version that addresses this vulnerability.

What type of vulnerability is CVE-2002-2288?

CVE-2002-2288 is an information disclosure vulnerability that exposes the server's physical path.

Who is affected by CVE-2002-2288?

CVE-2002-2288 affects users and administrators of Mambo Site Server version 4.0.11.

What causes CVE-2002-2288 to occur?

CVE-2002-2288 occurs when the server returns an error message that includes the physical path due to non-existent parameters in the HTTP request.

Vulnerability/
CVE-2002-2288

medium

CWE

200

31/12/2002

18/10/2007

8/8/2024

CVE-2002-2288: Infoleak

First published: Tue Dec 31 2002(Updated: )

Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mambo Site Server	=4.0.11

Remedy

http://www.securityfocus.com/bid/6387

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-2288?
CVE-2002-2288 is considered a moderate severity vulnerability due to potential information disclosure.
How do I fix CVE-2002-2288?
To fix CVE-2002-2288, update Mambo Site Server to a version that addresses this vulnerability.
What type of vulnerability is CVE-2002-2288?
CVE-2002-2288 is an information disclosure vulnerability that exposes the server's physical path.
Who is affected by CVE-2002-2288?
CVE-2002-2288 affects users and administrators of Mambo Site Server version 4.0.11.
What causes CVE-2002-2288 to occur?
CVE-2002-2288 occurs when the server returns an error message that includes the physical path due to non-existent parameters in the HTTP request.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/remedy
agent/last-modified-date
agent/severity
agent/weakness
agent/author
agent/references
agent/tags
agent/description
agent/event
agent/source
vendor/mambo
canonical/mambo site server
version/mambo site server/4.0.11

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2002-2288?
CVE-2002-2288 is considered a moderate severity vulnerability due to potential information disclosure.
How do I fix CVE-2002-2288?
To fix CVE-2002-2288, update Mambo Site Server to a version that addresses this vulnerability.
What type of vulnerability is CVE-2002-2288?
CVE-2002-2288 is an information disclosure vulnerability that exposes the server's physical path.
Who is affected by CVE-2002-2288?
CVE-2002-2288 affects users and administrators of Mambo Site Server version 4.0.11.
What causes CVE-2002-2288 to occur?
CVE-2002-2288 occurs when the server returns an error message that includes the physical path due to non-existent parameters in the HTTP request.