exploitDog

CVE-2005-2255

Опубликовано: 13 июл. 2005

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php.

Ссылки

http://secunia.com/advisories/15967
http://securitytracker.com/id?1014423
Exploit
Vendor Advisory
http://secunia.com/advisories/15967
http://securitytracker.com/id?1014423
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gianluca_baldo:phpauction:2.5:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-f5v5-r95w-q486

github

почти 4 года назад

Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php.

EPSS

Процентиль: 50%

0.00265

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other