1. CVE-Search
  2. CVE-2005-0655
ID CVE-2005-0655
Summary auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
References
Vulnerable Configurations
  • cpe:2.3:a:arif_supriyanto:auracms:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:arif_supriyanto:auracms:1.5:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2016 - 03:13)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bugtraq 20050302 Vulnerabilities in Aura CMS
misc http://echo.or.id/adv/adv011-y3dips-2005.txt
sectrack 1013357
Last major update 18-10-2016 - 03:13
Published 02-05-2005 - 04:00
Last modified 18-10-2016 - 03:13
Back to Top