CVE-2005-2722

Properties

Published:
29.08.2005
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:C/I:N/A:N/B:N) Approximated
    Product:
    Foojan: PHP Weblog

    Vulnerability description

    Foojan PHP Weblog allows remote attackers to obtain sensitive information via (1) a direct request to /daylinks/index.php or (2) a negative value in the daylinkspage parameter to index.php, which reveal the path in an error message.

    References:

    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=112491140712884&w=2
    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=112491140712884&w=2