Vulnerability Description
browse.php in Website Baker Project allows remote attackers to obtain sensitive data via (1) a directory that does not exist in the dir parameter or (2) a direct request to certain php files, which reveal the path in an error message.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Website Baker | Website Baker | All versions |
References
- http://marc.info/?l=bugtraq&m=112260471228762&w=2
- http://secunia.com/advisories/16263
- http://www.osvdb.org/18343
- http://www.osvdb.org/18344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21633
- http://marc.info/?l=bugtraq&m=112260471228762&w=2
- http://secunia.com/advisories/16263
- http://www.osvdb.org/18343
- http://www.osvdb.org/18344
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21633
FAQ
What is CVE-2005-2436?
CVE-2005-2436 is a vulnerability with a CVSS score of 5.0 (MEDIUM). browse.php in Website Baker Project allows remote attackers to obtain sensitive data via (1) a directory that does not exist in the dir parameter or (2) a direct request to certain php files, which re...
How severe is CVE-2005-2436?
CVE-2005-2436 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2436?
Check the references section above for vendor advisories and patch information. Affected products include: Website Baker Website Baker.