CVE-2005-0724

2005-05-02T00:00:00
ID CVE-2005-0724
Type cve
Reporter NVD
Modified 2016-10-17T23:14:02

Description

paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message.