mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
133 lines
3.9 KiB
JSON
133 lines
3.9 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2005-2433",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20050728 PhpList Sql Injection and Path Disclosure",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=112258115325054&w=2"
|
|
},
|
|
{
|
|
"name" : "18317",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18317"
|
|
},
|
|
{
|
|
"name" : "18318",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18318"
|
|
},
|
|
{
|
|
"name" : "18319",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18319"
|
|
},
|
|
{
|
|
"name" : "18320",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18320"
|
|
},
|
|
{
|
|
"name" : "18321",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18321"
|
|
},
|
|
{
|
|
"name" : "18322",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18322"
|
|
},
|
|
{
|
|
"name" : "18323",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18323"
|
|
},
|
|
{
|
|
"name" : "18324",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18324"
|
|
},
|
|
{
|
|
"name" : "18325",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18325"
|
|
},
|
|
{
|
|
"name" : "18326",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18326"
|
|
},
|
|
{
|
|
"name" : "18327",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18327"
|
|
},
|
|
{
|
|
"name" : "18328",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18328"
|
|
},
|
|
{
|
|
"name" : "18329",
|
|
"refsource" : "OSVDB",
|
|
"url" : "http://www.osvdb.org/18329"
|
|
},
|
|
{
|
|
"name" : "phplist-multiple-scripts-path-disclosure(21579)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21579"
|
|
}
|
|
]
|
|
}
|
|
}
|