Lucene search

K
cve[email protected]CVE-2005-4013
HistoryDec 05, 2005 - 11:03 a.m.

CVE-2005-4013

2005-12-0511:03:00
NVD-CWE-Other
web.nvd.nist.gov
17
cve-2005-4013
php web statistik
information security
access control
remote attack

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

84.1%

PHP Web Statistik 1.4 stores the stat.cfg file under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as statistics and the log directory location, possibly including the logdb.dta file.

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

84.1%