Unrated severityNVD Advisory· Published Dec 5, 2005· Updated Apr 16, 2026

CVE-2005-4013

Description

PHP Web Statistik 1.4 stores the stat.cfg file under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as statistics and the log directory location, possibly including the logdb.dta file.

Affected products

Php Web/Statistik
cpe:2.3:a:php_web:statistik:1.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ush.it/2005/11/19/php-web-statistik/nvdPatchVendor Advisory
cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00325.htmlnvdVendor Advisory
secunia.com/advisories/17789nvdVendor Advisory
freewebstat.com/changelog-english.htmlnvd
www.osvdb.org/21209nvd
www.osvdb.org/21210nvd
www.vupen.com/english/advisories/2005/2645nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23382nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000