Lucene search

K
cve[email protected]CVE-2005-0780
HistoryMar 12, 2005 - 5:00 a.m.

CVE-2005-0780

2005-03-1205:00:00
NVD-CWE-Other
web.nvd.nist.gov
24
pafiledb
information security
cve-2005-0780
remote attack
sensitive information disclosure

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.135 Low

EPSS

Percentile

95.5%

paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) auth.php, (2) login.php, (3) category.php, (4) file.php, (5) team.php, (6) license.php, (7) custom.php, (8) admins.php, or (9) backupdb.php, which reveal the path in a PHP error message.

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.135 Low

EPSS

Percentile

95.5%