Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1699

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2005-1699
Last Modified 07 Mar 2011 09:22:41
Published 24 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-1699

Summary

Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter.

Vulnerable Systems

Application

  • Postnuke Software Foundation Postnuke 0.760 Rc3


References

BUGTRAQ - 20050521 [SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x cXIb8O3.10


Last Updated: 27 May 2016 10:40:16