Information Disclosure Vulnerability in paFileDB 3.1 and Earlier

Information Disclosure Vulnerability in paFileDB 3.1 and Earlier

CVE-2005-0724 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message.

Learn more about our Web Application Penetration Testing UK.