mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
132 lines
4.3 KiB
JSON
132 lines
4.3 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2005-2433",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "18329",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18329"
|
|
},
|
|
{
|
|
"name": "18323",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18323"
|
|
},
|
|
{
|
|
"name": "18321",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18321"
|
|
},
|
|
{
|
|
"name": "18326",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18326"
|
|
},
|
|
{
|
|
"name": "phplist-multiple-scripts-path-disclosure(21579)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21579"
|
|
},
|
|
{
|
|
"name": "18322",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18322"
|
|
},
|
|
{
|
|
"name": "18325",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18325"
|
|
},
|
|
{
|
|
"name": "18327",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18327"
|
|
},
|
|
{
|
|
"name": "18328",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18328"
|
|
},
|
|
{
|
|
"name": "18318",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18318"
|
|
},
|
|
{
|
|
"name": "18324",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18324"
|
|
},
|
|
{
|
|
"name": "18317",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18317"
|
|
},
|
|
{
|
|
"name": "20050728 PhpList Sql Injection and Path Disclosure",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://marc.info/?l=bugtraq&m=112258115325054&w=2"
|
|
},
|
|
{
|
|
"name": "18320",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18320"
|
|
},
|
|
{
|
|
"name": "18319",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/18319"
|
|
}
|
|
]
|
|
}
|
|
} |