{"type": "osvdb", "published": "2003-08-10T07:51:47", "href": "https://vulners.com/osvdb/OSVDB:3843", "hashmap": [{"key": "affectedSoftware", "hash": "0ebcc435115a9141102beeedeedd0fbe"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "4c6f68ad3f7ee638504db3447fadf24f"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "9220dc2dd87822799eca80b2bad74cfc"}, {"key": "href", "hash": "c4d24316e6a26534618e9bbd16d67d2d"}, {"key": "modified", "hash": "0f12bc90c468b3daf6f02efe0989cc30"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "0f12bc90c468b3daf6f02efe0989cc30"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "400b04515408b2c9a46882903f1e18a4"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/", "score": 5.0}, "viewCount": 0, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "OSVDB", "title": "phpWebSite Calendar Module Path Disclosure", "affectedSoftware": [{"operator": "eq", "version": "0.7.3", "name": "phpWebSite"}, {"operator": "eq", "version": "0.9.3", "name": "phpWebSite"}, {"operator": "eq", "version": "0.8.2", "name": "phpWebSite"}, {"operator": "eq", "version": "0.8.3", "name": "phpWebSite"}], "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "vulnersScore": 5.0}, "references": [], "id": "OSVDB:3843", "hash": "96199c8282c88b61c51d59f273690046680bda101a0da7d0fa1a7fac334b66f4", "lastseen": "2017-04-28T13:19:58", "cvelist": ["CVE-2003-0737"], "modified": "2003-08-10T07:51:47", "description": "## Vulnerability Description\nphpWebSite contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when improper input is passed to the \"year\" variable, which will disclose the web server physical path resulting in a loss of confidentiality.\n## Solution Description\nUpgrade to version 0.8.3 or higher, as it has been reported to fix this \nvulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nphpWebSite contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when improper input is passed to the \"year\" variable, which will disclose the web server physical path resulting in a loss of confidentiality.\n## Manual Testing Notes\nhttp://[victim]/index.php?module=calendar&calendar[view]\n=month&month=11&year=9\n## References:\nVendor URL: http://phpwebsite.appstate.edu/\n[Secunia Advisory ID:9517](https://secuniaresearch.flexerasoftware.com/advisories/9517/)\n[Related OSVDB ID: 3842](https://vulners.com/osvdb/OSVDB:3842)\n[Related OSVDB ID: 3844](https://vulners.com/osvdb/OSVDB:3844)\n[Related OSVDB ID: 2410](https://vulners.com/osvdb/OSVDB:2410)\nOther Advisory URL: http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/1659.html\nISS X-Force ID: 12895\nGeneric Informational URL: http://phpwebsite.appstate.edu/index.php?module=announce&ANN_user_op=view&ANN_id=577\n[CVE-2003-0737](https://vulners.com/cve/CVE-2003-0737)\n"}

{"cve": [{"lastseen": "2017-04-18T15:50:03", "references": ["http://marc.info/?l=bugtraq&m=106062021711496&w=2", "http://marc.info/?l=bugtraq&m=106252188522715&w=2"], "description": "The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.", "edition": 2, "reporter": "NVD", "published": "2003-10-20T00:00:00", "title": "CVE-2003-0737", "type": "cve", "enchantments": {"score": {"modified": "2017-04-18T15:50:03", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2003-0737"], "scanner": [], "modified": "2016-10-17T22:37:02", "cpe": ["cpe:/a:phpwebsite:phpwebsite:0.9.0"], "id": "CVE-2003-0737", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0737", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2018-09-01T23:37:45", "references": ["http://seclists.org/fulldisclosure/2003/Aug/404"], "pluginID": "11816", "description": "There are multiple flaws in the remote version of phpWebSite that may allow an attacker to gain the control of the remote database, or to disable this site entirely.", "edition": 6, "reporter": "Tenable", "published": "2003-08-11T00:00:00", "title": "phpWebSite < 0.9.x Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CGI abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0735", "CVE-2003-0736", "CVE-2003-0737", "CVE-2003-0738"], "modified": "2018-08-13T00:00:00", "cpe": ["cpe:/a:phpwebsite:phpwebsite"], "id": "PHPWEBSITE_MULTIPLE_FLAWS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=11816", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif(description) {\n script_id(11816);\n script_version(\"1.20\");\n\n script_cve_id(\n \"CVE-2003-0735\", \n \"CVE-2003-0736\", \n \"CVE-2003-0737\", \n \"CVE-2003-0738\"\n );\n\n script_name(english:\"phpWebSite < 0.9.x Multiple Vulnerabilities\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains several PHP scripts that are prone to \nmultiple flaws.\" );\n script_set_attribute(attribute:\"description\", value:\n\"There are multiple flaws in the remote version of phpWebSite that may\nallow an attacker to gain the control of the remote database, or to\ndisable this site entirely.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/fulldisclosure/2003/Aug/404\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the latest version of this software.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(134);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2003/08/11\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2003/08/10\");\n script_cvs_date(\"Date: 2018/08/13 14:32:36\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_set_attribute(attribute:\"cpe\",value:\"cpe:/a:phpwebsite:phpwebsite\");\nscript_end_attributes();\n\n \n script_summary(english:\"SQL Injection and more.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CGI abuses\");\n script_dependencie(\"phpwebsite_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/phpwebsite\");\n exit(0);\n}\n\n# Check starts here\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = get_http_port(default:80);\nif(!can_host_php(port:port))exit(0);\n\n\n# Check each installed instance, stopping if we find a vulnerability.\ninstall = get_kb_item(string(\"www/\", port, \"/phpwebsite\"));\nif (isnull(install)) exit(0);\nmatches = eregmatch(string:install, pattern:\"^(.+) under (/.*)$\");\nif (!isnull(matches)) {\n dir = matches[2];\n\n r = http_send_recv3(method:\"GET\", item:dir + \"/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=\", port:port);\n if(isnull(r))exit(0);\n buf = r[2];\n\n if(egrep(pattern:\".*select.*mod_calendar_events.*\", string:buf)) {\n security_hole(port);\n set_kb_item(name: 'www/'+port+'/SQLInjection', value: TRUE);\n exit(0);\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}