UBB.threads cron/php/subscriptions.php Direct Request Path Disclosure

{"id": "OSVDB:32320", "bulletinFamily": "software", "title": "UBB.threads cron/php/subscriptions.php Direct Request Path Disclosure", "description": "# No description provided by the source\n\n## References:\n[Related OSVDB ID: 32321](https://vulners.com/osvdb/OSVDB:32321)\n[Related OSVDB ID: 32325](https://vulners.com/osvdb/OSVDB:32325)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0495.html\nISS X-Force ID: 29274\n[CVE-2006-5138](https://vulners.com/cve/CVE-2006-5138)\nBugtraq ID: 20266\n", "published": "2006-09-29T19:11:49", "modified": "2006-09-29T19:11:49", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:32320", "reporter": "OSVDB", "references": [], "cvelist": ["CVE-2006-5138"], "type": "osvdb", "lastseen": "2017-04-28T13:20:28", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "3a6df26900dd84cc23f4447ce05bff97"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "d9f48d22fa3d971a7b8be4af67d7c408"}, {"key": "href", "hash": "39caf59bd6a05b0dda7fe3d708cacfc6"}, {"key": "modified", "hash": "f85596020058a81d9b22add9fd23f902"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "f85596020058a81d9b22add9fd23f902"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "8790e1d555ec41ead82e5d5678255f72"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "hash": "6a20a2e4da7d22075cc1999b7039061beb6541aea78d8da02e72e35dbc71e919", "viewCount": 0, "objectVersion": "1.2", "affectedSoftware": [], "enchantments": {"vulnersScore": 3.6}}

{"result": {"cve": [{"id": "CVE-2006-5138", "type": "cve", "title": "CVE-2006-5138", "description": "Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message.", "published": "2006-10-03T00:03:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5138", "cvelist": ["CVE-2006-5138"], "lastseen": "2017-07-20T10:49:34"}]}}