Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3307

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3307
Last Modified 07 Mar 2011 09:26:15
Published 25 Oct 2005 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3307

Summary

Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to read arbitrary files via ".." sequences in the (1) user parameter in a profile operation or (2) quale parameter in a newtopic operation.

Vulnerable Systems


References

VUPEN - ADV-2005-2178

SECUNIA - 17291

BUGTRAQ - 20051022 File Including In FLAT NUKE

BID - 15172

OSVDB - 20245


Last Updated: 27 May 2016 10:40:52