CVE-2005-3645

2005-11-1711:00:00

mitre

www.cve.org

AI Score

6.3

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.

References

marc.info/?l=bugtraq&m=113165036315035&w=2

seclists.org/lists/bugtraq/2005/Nov/0189.html

secunia.com/advisories/17464/

securityreason.com/securityalert/171

sourceforge.net/project/shownotes.php?group_id=36679&release_id=370942

www.fitsec.com/advisories/FS-05-01.txt

www.osvdb.org/20735

www.osvdb.org/20736

www.osvdb.org/20737

www.osvdb.org/20738

www.osvdb.org/20739

www.osvdb.org/20740

www.osvdb.org/20741

www.osvdb.org/20742

www.osvdb.org/20743

www.vupen.com/english/advisories/2005/2380

exchange.xforce.ibmcloud.com/vulnerabilities/23043