Lucene search
HistoryAug 03, 2005 - 4:00 a.m.
CVE-2005-2436
cve
2005
2436
browse.php
website baker project
sensitive data
remote attackers
directory
php files
error message
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.5%
browse.php in Website Baker Project allows remote attackers to obtain sensitive data via (1) a directory that does not exist in the dir parameter or (2) a direct request to certain php files, which reveal the path in an error message.
Affected configurations
Node
website_bakerwebsite_baker
| CPE | Name | Operator | Version |
|---|---|---|---|
| website_baker:website_baker | website baker | eq | * |
Related
cvelist
cvelist
CVE-2005-2436
2005-08-03 04:00:00
CVE-2011-3817
2022-10-03 16:15:07
nvd
nvd
CVE-2005-2436
2005-08-03 04:00:00
CVE-2011-3817
2011-09-24 00:55:03
cve
cve
CVE-2011-3817
2022-10-03 16:15:07
prion
prion
Information disclosure
2011-09-24 00:55:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.5%
Related for CVE-2005-2436