2 matches found
CVE-2005-0326
pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script...
CVE-2005-0326
PaFileDB 3.1's pafiledb.php is vulnerable to information disclosure when the action parameter is invalid or missing, causing an error message that reveals the server path if login.php cannot be included. This is a remote-information-disclosure issue affecting PaFileDB 3.1 per CVE-2005-0326 (NVD/N...