CVE-2005-4797

Public exploit
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
Max CVSS
5.0
EPSS Score
96.19%
Published
2005-12-31
Updated
2018-10-30
Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
5.0
EPSS Score
2.04%
Published
2005-12-31
Updated
2017-07-20
Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... (triple dot) in (1) the URL on port 608 and (2) the argument to upload.exe.
Max CVSS
7.5
EPSS Score
3.71%
Published
2005-12-31
Updated
2008-09-05
Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.
Max CVSS
6.4
EPSS Score
0.64%
Published
2005-12-31
Updated
2018-10-19
dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability.
Max CVSS
5.0
EPSS Score
1.36%
Published
2005-12-28
Updated
2018-10-19
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.
Max CVSS
5.0
EPSS Score
1.68%
Published
2005-12-23
Updated
2016-10-18
Directory traversal vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the PGV_BASE_DIRECTORY parameter.
Max CVSS
5.0
EPSS Score
0.59%
Published
2005-12-22
Updated
2018-10-19
Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of the filename, as demonstrated by an avatar filename ending with .png%00.
Max CVSS
6.5
EPSS Score
0.53%
Published
2005-12-20
Updated
2017-07-20
Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.
Max CVSS
5.0
EPSS Score
0.33%
Published
2005-12-20
Updated
2017-07-20
Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 and earlier allows remote attackers to include arbitrary PHP files via ".." sequences in the option parameter.
Max CVSS
5.0
EPSS Score
12.18%
Published
2005-12-17
Updated
2018-10-19
Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter.
Max CVSS
5.0
EPSS Score
1.76%
Published
2005-12-17
Updated
2011-03-08
Directory traversal vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to read arbitrary files via the language parameter.
Max CVSS
5.0
EPSS Score
1.82%
Published
2005-12-14
Updated
2011-03-08
Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to read arbitrary local files via ".." (dot dot) sequences in the $_CCFG[_PKG_PATH_DBSE] variable.
Max CVSS
5.0
EPSS Score
3.88%
Published
2005-12-14
Updated
2018-10-19
Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module.
Max CVSS
5.0
EPSS Score
0.42%
Published
2005-12-13
Updated
2018-10-19
Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) "..." (triple dot), and (3) "..//" sequences in the URL, (4) "../" sequences in the source parameter to viewsource.jsp, or (5) "..\" (dot dot backslash) sequences in the NS-query-pat parameter to the search URL. URL.
Max CVSS
5.0
EPSS Score
1.72%
Published
2005-12-13
Updated
2017-07-20
Directory traversal vulnerability in My Album Online 1.0 allows remote attackers to access arbitrary files via ".../" (triple dot) sequences in unspecified vectors.
Max CVSS
5.0
EPSS Score
0.68%
Published
2005-12-13
Updated
2017-07-20
Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 allows remote attackers to read arbitrary files via the _tcf parameter.
Max CVSS
5.0
EPSS Score
0.27%
Published
2005-12-11
Updated
2011-03-08
Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via "../" sequences in the query string argument.
Max CVSS
5.0
EPSS Score
2.00%
Published
2005-12-11
Updated
2018-10-19
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
Max CVSS
5.0
EPSS Score
1.55%
Published
2005-12-08
Updated
2017-07-20
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter.
Max CVSS
5.0
EPSS Score
0.69%
Published
2005-12-08
Updated
2011-03-08
Directory traversal vulnerability in xs_edit.php in the eXtreme Styles phpBB module 2.2.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the edit parameter.
Max CVSS
5.0
EPSS Score
0.34%
Published
2005-12-08
Updated
2018-10-19
Directory traversal vulnerability in index.cfm in CF_Nuke 4.6 and earlier, when Sandbox Security is disabled, allows remote attackers to include arbitrary local .cfm files via a .. (dot dot) in the (1) sector or (2) page parameters.
Max CVSS
5.0
EPSS Score
3.66%
Published
2005-12-08
Updated
2017-07-20
Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter.
Max CVSS
7.8
EPSS Score
1.71%
Published
2005-12-06
Updated
2017-07-20
Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.
Max CVSS
5.0
EPSS Score
1.45%
Published
2005-12-01
Updated
2008-10-03
Directory traversal vulnerability in index.php in PHP Upload Center allows remote attackers to read arbitrary files via "../" sequences in the filename parameter.
Max CVSS
5.0
EPSS Score
1.93%
Published
2005-12-01
Updated
2017-07-20
204 vulnerabilities found
1 2 3 4 5 6 7 8 9
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!