CVE-2005-0572 | Vulnerability Database | Aqua Security

index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEA_search_module parameter, which reveals the path in a PHP error message.

Affected Software

Name	Vendor	Start Version	End Version
Phpwebsite	Phpwebsite	0.9.0 (including)	0.9.0 (including)
Phpwebsite	Phpwebsite	0.9.1 (including)	0.9.1 (including)
Phpwebsite	Phpwebsite	0.9.2 (including)	0.9.2 (including)
Phpwebsite	Phpwebsite	0.9.2.1 (including)	0.9.2.1 (including)
Phpwebsite	Phpwebsite	0.9.3 (including)	0.9.3 (including)
Phpwebsite	Phpwebsite	0.9.3.1 (including)	0.9.3.1 (including)
Phpwebsite	Phpwebsite	0.9.3.2 (including)	0.9.3.2 (including)
Phpwebsite	Phpwebsite	0.9.3.3 (including)	0.9.3.3 (including)
Phpwebsite	Phpwebsite	0.9.3.4 (including)	0.9.3.4 (including)
Phpwebsite	Phpwebsite	0.10.0 (including)	0.10.0 (including)

References

http://marc.info/?l=bugtraq\u0026m=110935172116369\u0026w=2
http://neossecurity.net/Advisories/Advisory-05.txt
http://www.gentoo.org/security/en/glsa/glsa-200503-04.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/19480

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-0572
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html