CVE-2005-0655
First published: Mon Mar 07 2005(Updated: )
auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| auraCMS | =1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0655?
CVE-2005-0655 is classified as a medium severity vulnerability due to its potential to expose sensitive information.
How do I fix CVE-2005-0655?
To fix CVE-2005-0655, you should sanitize inputs and handle errors properly to prevent PHP error messages from revealing sensitive information.
What type of attack does CVE-2005-0655 represent?
CVE-2005-0655 represents an information disclosure vulnerability that can be exploited by remote attackers.
Which versions of auraCMS are affected by CVE-2005-0655?
CVE-2005-0655 affects auraCMS version 1.5.
What files in auraCMS are associated with CVE-2005-0655?
CVE-2005-0655 is associated with the files teman.php, hal.php, and arsip.php in auraCMS.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/arif supriyanto
- vendor/auracms
- canonical/auracms
- version/auracms/1.5