5
CVE-2005-4026
- EPSS 1.37%
- Veröffentlicht 05.12.2005 11:03:00
- Zuletzt bearbeitet 16.06.2026 22:18:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Loginsearch.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr3, allows remote attackers to obtain sensitive information via invalid (1) datestart and (2) dateend parameters, which leaks the web server path in an error message.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.37% | 0.683 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://pridels0.blogspot.com/2005/11/geeklog-14x-full-path-disclosure-vuln.html
http://www.geeklog.net/article.php/geeklog-1.3.11sr3
http://www.osvdb.org/21398