CVE-2005-0724

Published: May 2, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message.

Affected (1)

Products: Php Arena: Pafiledb

Php Arena

1 product

Pafiledb

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Php Arena Pafiledb	Up to 3.1

References (2)

http://marc.info/?l=bugtraq&m=111031801802851&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=111031801802851&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.