Sensitive Information Disclosure in auraCMS 1.5 via Invalid id Parameter
CVE-2005-0655 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
Learn more about our Cms Pen Testing.