Vulnerability Details CVE-2005-0780
paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) auth.php, (2) login.php, (3) category.php, (4) file.php, (5) team.php, (6) license.php, (7) custom.php, (8) admins.php, or (9) backupdb.php, which reveal the path in a PHP error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2005-0780
-
cpe:2.3:a:php_arena:pafiledb:1.1.3
-
cpe:2.3:a:php_arena:pafiledb:2.1.1
-
cpe:2.3:a:php_arena:pafiledb:3.0
-
cpe:2.3:a:php_arena:pafiledb:3.0_beta_3.1
-
cpe:2.3:a:php_arena:pafiledb:3.1