Information Disclosure Vulnerability in paFileDB 3.1 and Earlier
CVE-2005-0724 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message.
Learn more about our Web Application Penetration Testing UK.