CVE-2005-4013

Name of the Vulnerable Software and Affected Versions PHP Web Statistik version 1.4

Description The issue allows remote attackers to obtain sensitive information, including statistics and the log directory location, possibly the logdb.dta file, due to insufficient access control of the stat.cfg file stored under the web root.

Recommendations For PHP Web Statistik version 1.4, consider restricting access to the stat.cfg file to prevent remote attackers from obtaining sensitive information. As a temporary workaround, restrict access to the stat.cfg file until a proper fix is applied.