setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to obtain sensitive information via a %00 (a null byte) in the u parameter, which reveals the path in an error message.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2005-09-14T04:00:00
Updated: 2024-08-07T22:53:29.629Z
Reserved: 2005-09-14T00:00:00
Link: CVE-2005-2895

No data.

Status : Modified
Published: 2005-09-14T20:03:00.000
Modified: 2024-11-21T00:00:41.087
Link: CVE-2005-2895

No data.