CVE-2005-3645

phpAdsNew and phpPgAds 2.0.6 - Exposure of Sensitive Information via Direct Requests

Title source: llm
STIX 2.1

Description

phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the application installation path and other sensitive information via direct requests to (1) create.php, and if display_errors is enabled, (2) lib-updates.inc.php, (3) lib-targetstats.inc.php, (4) lib-size.inc.php, (5) lib-misc-stats.inc.php, (6) lib-hourly-hosts.inc.php, (7) lib-hourly.inc.php, (8) lib-history.inc.php, and (9) graph-daily.php.

References (17)

Core 17
Core References
Vendor Advisory x_refsource_misc
http://www.fitsec.com/advisories/FS-05-01.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20740
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20743
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=113165036315035&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20737
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17464/
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20739
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20735
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2005/Nov/0189.html
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/171
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20738
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20741
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23043
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2380
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20742
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/20736

Scores

EPSS 0.0226
EPSS Percentile 80.9%

Details

CWE
CWE-200
Status published
Products (8)
phpadsnew/phpadsnew 2.0.4_pr1
phpadsnew/phpadsnew 2.0.5
phpadsnew/phpadsnew 2.0.6
phpadsnew/phpadsnew 2.0_beta5
phpadsnew/phpadsnew 2.0_beta6
phpadsnew/phpadsnew 2_dev_2001-09-30
phpadsnew/phpadsnew 2_dev_2001-10-09
phppgads/phppgads 2.0.6
Published Nov 17, 2005
Tracked Since Feb 18, 2026