CVE-2005-0724

Name of the Vulnerable Software and Affected Versions paFileDB versions 3.1 and earlier

Description The issue allows remote attackers to obtain sensitive information. This can be achieved via an invalid str parameter to "pafiledb.php" or through direct requests to various PHP files, including "viewall.php", "stats.php", "search.php", "rate.php", "main.php", "license.php", "category.php", "download.php", "file.php", "email.php", or "admin.php". These requests can reveal the path in a PHP error message.

Recommendations For paFileDB versions 3.1 and earlier, update to a version later than 3.1 to resolve the issue. As a temporary workaround, consider restricting access to the mentioned PHP files to minimize the risk of exploitation.