Описание
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php.
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3929
- http://rgod.altervista.org/xaraya1DOS.hmtl
- http://secunia.com/advisories/17788
- http://securityreason.com/securityalert/217
- http://www.securityfocus.com/archive/1/418087/100/0/threaded
- http://www.securityfocus.com/archive/1/418191/100/0/threaded
- http://www.securityfocus.com/archive/1/418209/100/0/threaded
- http://www.securityfocus.com/bid/15623
- http://www.vupen.com/english/advisories/2005/2665
EPSS
Процентиль: 92%
0.09022
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php.
EPSS
Процентиль: 92%
0.09022
Низкий