Vulnerability Details CVE-2005-1144
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://docs.easyphpcalendar.com/Change%20Log/changeLog.htm
- http://securitytracker.com/id?1013704
- http://www.osvdb.org/15545
- http://www.snkenjoi.com/secadv/secadv4.txt
- http://docs.easyphpcalendar.com/Change%20Log/changeLog.htm
- http://securitytracker.com/id?1013704
- http://www.osvdb.org/15545
- http://www.snkenjoi.com/secadv/secadv4.txt
Products affected by CVE-2005-1144
-
cpe:2.3:a:easyphpcalendar:easyphpcalendar:*