Back to search
CVE-2005-4013
Published: Dec 5, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
PHP Web Statistik 1.4 stores the stat.cfg file under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as statistics and the log directory location, possibly including the logdb.dta file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
21210
vdb-entry
x_refsource_OSVDB
ADV-2005-2645
vdb-entry
x_refsource_VUPEN
http://freewebstat.com/changelog-english.html
x_refsource_MISC
phpwebstatistik-stat-logdb-obtain-info(23382)
vdb-entry
x_refsource_XF
21209
vdb-entry
x_refsource_OSVDB
20051128 Php Web Statistik Multiple Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
17789
third-party-advisory
x_refsource_SECUNIA
http://www.ush.it/2005/11/19/php-web-statistik/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now