Vulnerabilities > CVE-2005-1235 - Information Disclosure vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
phpbb-group
NVD
Published: 2005-05-02
Updated: 2008-09-05

Summary

auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message. Fixed updated version on http://www.phpbb-auction.com/

Vulnerable Configurations

Part Description Count
Application
Phpbb_Group
2

References