Lucene search

[email protected]CVE-2005-1616

HistoryMay 16, 2005 - 4:00 a.m.

CVE-2005-1616

2005-05-1604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1616

viewforum.php

ultimate php board

upb

information disclosure

remote attack

security vulnerability

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.4%

JSON

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid (1) id or possibly (2) postorder parameter, which reveals the path in an error message when a file can not be opened.

CPENameOperatorVersion
ultimate_php_board:ultimate_php_boardultimate php boardeq1.9.6
ultimate_php_board:ultimate_php_boardultimate php boardeq1.8
ultimate_php_board:ultimate_php_boardultimate php boardeq1.8.2
ultimate_php_board:ultimate_php_boardultimate php boardeq1.9

CPE	Name	Operator	Version
ultimate_php_board:ultimate_php_board	ultimate php board	eq	1.9.6
ultimate_php_board:ultimate_php_board	ultimate php board	eq	1.8
ultimate_php_board:ultimate_php_board	ultimate php board	eq	1.8.2
ultimate_php_board:ultimate_php_board	ultimate php board	eq	1.9

References

marc.info/?l=bugtraq&m=111600262424876&w=2

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.4%

JSON

Related for CVE-2005-1616

nessus1