Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2997

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2997
Last Modified 05 Sep 2008 04:53:11
Published 20 Sep 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2997

Summary

Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php.

Vulnerable Systems

Application

  • Bugada Andrea Php Advanced Transfer Manager 1.30


References

SECUNIA - 16867

MISC - http://rgod.altervista.org/phpatm130.html


Last Updated: 27 May 2016 10:40:42