Vulnerability Details CVE-2005-2436
browse.php in Website Baker Project allows remote attackers to obtain sensitive data via (1) a directory that does not exist in the dir parameter or (2) a direct request to certain php files, which reveal the path in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=112260471228762&w=2
- http://secunia.com/advisories/16263
- http://www.osvdb.org/18343
- http://www.osvdb.org/18344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21633
- http://marc.info/?l=bugtraq&m=112260471228762&w=2
- http://secunia.com/advisories/16263
- http://www.osvdb.org/18343
- http://www.osvdb.org/18344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21633
Products affected by CVE-2005-2436
-
cpe:2.3:a:website_baker:website_baker:*