CVE-2005-3645 in phpAdsNewinfo

Summary

phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

11/17/2005

Disclosure

11/17/2005

Moderation

VulDB entry created

Entries

VDB-26936 (1)

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.02009

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-3645
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3645
CVE Details	https://www.cvedetails.com/cve/CVE-2005-3645/

◂ Previous Overview Next ▸