{ "schema_version": "1.4.0", "id": "GHSA-g92x-x9vw-56c2", "modified": "2022-05-01T02:08:14Z", "published": "2022-05-01T02:08:14Z", "aliases": [ "CVE-2005-2433" ], "details": "PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2433" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21579" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq&m=112258115325054&w=2" }, { "type": "WEB", "url": "http://www.osvdb.org/18317" }, { "type": "WEB", "url": "http://www.osvdb.org/18318" }, { "type": "WEB", "url": "http://www.osvdb.org/18319" }, { "type": "WEB", "url": "http://www.osvdb.org/18320" }, { "type": "WEB", "url": "http://www.osvdb.org/18321" }, { "type": "WEB", "url": "http://www.osvdb.org/18322" }, { "type": "WEB", "url": "http://www.osvdb.org/18323" }, { "type": "WEB", "url": "http://www.osvdb.org/18324" }, { "type": "WEB", "url": "http://www.osvdb.org/18325" }, { "type": "WEB", "url": "http://www.osvdb.org/18326" }, { "type": "WEB", "url": "http://www.osvdb.org/18327" }, { "type": "WEB", "url": "http://www.osvdb.org/18328" }, { "type": "WEB", "url": "http://www.osvdb.org/18329" } ], "database_specific": { "cwe_ids": [], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2005-08-03T04:00:00Z" } }