CVE-2005-2433

Name of the Vulnerable Software and Affected Versions PhpList (affected versions not specified)

Description The issue allows remote attackers to obtain sensitive information via direct requests to various PHP files. These include files such as about.php, connect.php, domainstats.php, usercheck.php in the public html/lists/admin directory, attributes.php, dbcheck.php, importcsv.php, user.php, usermgt.php, users.php in the admin/commonlib/pages directory, helloworld.php, sidebar.php in the public html/lists/admin/plugins directory, and main.php in the public html/lists/admin/plugins/defaultplugin directory. The sensitive information is revealed through error messages that include the path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.