CVE-2005-3645

Name of the Vulnerable Software and Affected Versions phpAdsNew and phpPgAds version 2.0.6 and earlier

Description The issue allows remote attackers to obtain sensitive information, including the application installation path, by making direct requests to certain files. This is possible due to the exposure of sensitive data when display errors is enabled. The affected files include "create.php", "lib-updates.inc.php", "lib-targetstats.inc.php", "lib-size.inc.php", "lib-misc-stats.inc.php", "lib-hourly-hosts.inc.php", "lib-hourly.inc.php", "lib-history.inc.php", and "graph-daily.php".

Recommendations For phpAdsNew and phpPgAds version 2.0.6 and earlier, consider disabling the display of errors to prevent the exposure of sensitive information. Restrict access to the mentioned files to minimize the risk of exploitation. Avoid using the affected files until a patch or fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.