Vulnerability Database
296,853
Total vulnerabilities in the database
CVE-2005-4214
phpCOIN 1.2.2 allows remote attackers to obtain the installation path via a direct request to config.php, which leaks the path in an error message because the _CCFG['_PKG_PATH_DBSE'] variable is not defined.
| Software | From | Fixed in |
|---|---|---|
| coinsoft_technologies / phpcoin | 1.2.2 | 1.2.2.x |
- http://forums.phpcoin.com/index.php?showtopic=5469
- http://rgod.altervista.org/phpcoin_122_sql_xpl.html
- http://rgod.altervista.org/phpcoin122.html
- http://secunia.com/advisories/18030
- http://securitytracker.com/id?1015345
- http://www.osvdb.org/21726
- http://www.securityfocus.com/archive/1/419382/100/0/threaded
- http://www.vupen.com/english/advisories/2005/2888
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime