Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2635

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2635
Last Modified 05 Sep 2008 04:52:17
Published 23 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2635

Summary

Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) layerstyle parameter to adlayer.php or (2) language parameter to js-form.php.

Vulnerable Systems

Application

  • Phpadsnew 2.0.5

  • Phppgads 2.0.5


References

XF - phppgads-multiple-file-include(21880)

BID - 14584

BUGTRAQ - 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities

MISC - http://www.securityreason.com/adv/phpAdsnew.SR.16.asc

SECUNIA - 16469


Last Updated: 27 May 2016 10:40:34