Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0327

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0327
Last Modified 05 Sep 2008 04:45:58
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0327

Summary

pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php.

Vulnerable Systems

Application

  • Php Arena Pafiledb 3.1


References

XF - pafiledb-login-file-include(19176)

BUGTRAQ - 20050131 [PersianHacker.net] Full Path Disclosure and PHP Injection In Pafiledb 3.1 Final


Last Updated: 27 May 2016 10:39:46