Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2255

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2005-2255
Last Modified 05 Sep 2008 04:51:17
Published 13 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2255

Summary

Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php.

Vulnerable Systems

Application

  • Gianluca Baldo Phpauction 2.5


References

SECTRACK - 1014423

SECUNIA - 15967


Last Updated: 27 May 2016 10:40:27