CVE-2004-1736

EPSS 0.48%

Published: 12/31/2004Modified: 5/27/2026

Description

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.

Affected packages (1)

Debian/cactifrom 0, < 0.8.5a-5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1736