Описание
phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.
phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3645
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23043
- http://marc.info/?l=bugtraq&m=113165036315035&w=2
- http://seclists.org/lists/bugtraq/2005/Nov/0189.html
- http://secunia.com/advisories/17464
- http://securityreason.com/securityalert/171
- http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=370942
- http://www.fitsec.com/advisories/FS-05-01.txt
- http://www.osvdb.org/20735
- http://www.osvdb.org/20736
- http://www.osvdb.org/20737
- http://www.osvdb.org/20738
- http://www.osvdb.org/20739
- http://www.osvdb.org/20740
- http://www.osvdb.org/20741
- http://www.osvdb.org/20742
- http://www.osvdb.org/20743
- http://www.vupen.com/english/advisories/2005/2380
Связанные уязвимости
phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.