CVE-2004-2732

Netbilling 2.0 - Information Disclosure via nbmember.cgi cmd=test Option

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2732. PoCs published by ls.

AI-analyzed exploit summary The provided code is a writeup describing an information disclosure vulnerability in Netbilling's 'nbmember.cgi' script. It includes example URLs that demonstrate how an attacker could access user credentials and sensitive configuration information.

Description

nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the cmd=test option, which can be leveraged to determine the access key.

Exploits (1)

exploitdb WRITEUP VERIFIED
by ls · textwebappscgi
https://www.exploit-db.com/exploits/24700

The provided code is a writeup describing an information disclosure vulnerability in Netbilling's 'nbmember.cgi' script. It includes example URLs that demonstrate how an attacker could access user credentials and sensitive configuration information.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Netbilling nbmember.cgi
No auth needed
Prerequisites: Access to the target web server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11504
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1011881
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/10902
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17865

Scores

EPSS 0.0401
EPSS Percentile 89.3%

Details

CWE
CWE-78
Status published
Products (1)
netbilling/netbilling 2.0
Published Dec 31, 2004
Tracked Since Feb 18, 2026