| Vulnerability Name: | CVE-2005-0603 (CCN-19486) | ||||||||
| Assigned: | 2005-02-26 | ||||||||
| Published: | 2005-02-26 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular expression syntax, which reveals the path in a PHP error message. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Sat Feb 26 2005 - 05:29:08 CST phpBB 2.0.12 Full path disclosure Source: MITRE Type: CNA CVE-2005-0603 Source: BUGTRAQ Type: UNKNOWN 20050225 -==phpBB 2.0.12 Full path disclosure==- Source: CCN Type: Neo Security Team NST - Advisory #06 - 25/02/05 phpBB 2.0.12 Full path disclosure Source: MISC Type: UNKNOWN http://neossecurity.net/Advisories/Advisory-06.txt Source: CCN Type: SA14413 phpBB "autologinid" Security Bypass Source: SECUNIA Type: Patch, Vendor Advisory 14413 Source: CCN Type: OSVDB ID: 14243 phpBB viewtopic.php Path Disclosure Source: CCN Type: phpBB Web site phpBB.com :: Downloads Source: CCN Type: phpBB Forum post - phpBB 2.0.13 released phpBB 2.0.13 released - Critical Update Source: CONFIRM Type: Patch, Vendor Advisory http://www.phpbb.com/phpBB/viewtopic.php?t=267563 Source: XF Type: UNKNOWN phpbb-viewtopicphp-path-disclosure(19486) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||