{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2433", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "18329", "refsource": "OSVDB", "url": "http://www.osvdb.org/18329" }, { "name": "18323", "refsource": "OSVDB", "url": "http://www.osvdb.org/18323" }, { "name": "18321", "refsource": "OSVDB", "url": "http://www.osvdb.org/18321" }, { "name": "18326", "refsource": "OSVDB", "url": "http://www.osvdb.org/18326" }, { "name": "phplist-multiple-scripts-path-disclosure(21579)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21579" }, { "name": "18322", "refsource": "OSVDB", "url": "http://www.osvdb.org/18322" }, { "name": "18325", "refsource": "OSVDB", "url": "http://www.osvdb.org/18325" }, { "name": "18327", "refsource": "OSVDB", "url": "http://www.osvdb.org/18327" }, { "name": "18328", "refsource": "OSVDB", "url": "http://www.osvdb.org/18328" }, { "name": "18318", "refsource": "OSVDB", "url": "http://www.osvdb.org/18318" }, { "name": "18324", "refsource": "OSVDB", "url": "http://www.osvdb.org/18324" }, { "name": "18317", "refsource": "OSVDB", "url": "http://www.osvdb.org/18317" }, { "name": "20050728 PhpList Sql Injection and Path Disclosure", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=112258115325054&w=2" }, { "name": "18320", "refsource": "OSVDB", "url": "http://www.osvdb.org/18320" }, { "name": "18319", "refsource": "OSVDB", "url": "http://www.osvdb.org/18319" } ] } }