{"id":"CVE-2004-1736","details":"Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.","modified":"2026-04-10T03:36:40.657460Z","published":"2004-12-31T05:00:00Z","references":[{"type":"EVIDENCE","url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html"},{"type":"EVIDENCE","url":"http://secunia.com/advisories/12308"},{"type":"WEB","url":"http://marc.info/?l=bugtraq&m=109272483621038&w=2"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17014"}],"schema_version":"1.7.5"}