CVE-2005-0933

Name of the Vulnerable Software and Affected Versions phpCOIN versions 1.2.1b and earlier

Description The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the auxpage.php file. This is achieved by manipulating the page parameter.

Recommendations For phpCOIN versions 1.2.1b and earlier, update to a version later than 1.2.1b to resolve the issue. As a temporary workaround, consider restricting access to the auxpage.php file or limiting the page parameter to prevent directory traversal attacks.