CVE-2005-3645
phpAdsNew and phpPgAds 2.0.6 - Exposure of Sensitive Information via Direct Requests
Title source: llmDescription
phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.
References (17)
Core 17
Core References
Vendor Advisory x_refsource_misc
http://www.fitsec.com/advisories/FS-05-01.txt
Product x_refsource_confirm
http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=370942
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20740
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20743
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=113165036315035&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20737
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17464/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20739
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20735
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2005/Nov/0189.html
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/171
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20738
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20741
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23043
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2380
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20742
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20736
Scores
EPSS
0.0226
EPSS Percentile
80.9%
Details
CWE
CWE-200
Status
published
Products (8)
phpadsnew/phpadsnew
2.0.4_pr1
phpadsnew/phpadsnew
2.0.5
phpadsnew/phpadsnew
2.0.6
phpadsnew/phpadsnew
2.0_beta5
phpadsnew/phpadsnew
2.0_beta6
phpadsnew/phpadsnew
2_dev_2001-09-30
phpadsnew/phpadsnew
2_dev_2001-10-09
phppgads/phppgads
2.0.6
Published
Nov 17, 2005
Tracked Since
Feb 18, 2026