CVE-2005-0572

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEA_search_module parameter, which reveals the path in a PHP error message.

Ссылки

http://marc.info/?l=bugtraq&m=110935172116369&w=2
http://neossecurity.net/Advisories/Advisory-05.txt
Vendor Advisory
URL Repurposed
http://www.gentoo.org/security/en/glsa/glsa-200503-04.xml
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19480
http://marc.info/?l=bugtraq&m=110935172116369&w=2
http://neossecurity.net/Advisories/Advisory-05.txt
Vendor Advisory
URL Repurposed
http://www.gentoo.org/security/en/glsa/glsa-200503-04.xml
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19480

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:phpwebsite:phpwebsite:0.9.0:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.2.1:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.1:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.2:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.4:*:*:*:*:*:*:*

cpe:2.3:a:phpwebsite:phpwebsite:0.10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00471

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pf6g-rp8x-w43x

github

почти 4 года назад