Описание
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4095
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23518
- http://rgod.altervista.org/docebo204_xpl.html
- http://secunia.com/advisories/1015308
- http://secunia.com/advisories/17896
- http://securitytracker.com/id?1015308
- http://www.osvdb.org/21464
- http://www.securityfocus.com/bid/15742
- http://www.vupen.com/english/advisories/2005/2771
EPSS
Процентиль: 93%
0.11257
Средний
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
EPSS
Процентиль: 93%
0.11257
Средний