PT-2005-2217 · Az · Azbb

James Bercegay · Published 2005-04-21 · Updated 2017-07-11 · CVE-2005-1201

CVSS v2.0: 6.4 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: AZ Bulletin Board (AZbb) versions prior to 1.0.08

Description: Remote authenticated users with administrative privileges can delete arbitrary files by supplying a .. (dot dot) sequence in the URL to admin avatar.php or admin attachment.php. Additionally, remote attackers can enumerate files by supplying a .. (dot dot) sequence in the attachment parameter to attachment.php, which returns different messages depending on whether the requested file exists.

Recommendations: For versions prior to 1.0.08, update to version 1.0.08 or later, which resolves the issue. As a temporary workaround, restrict access to admin avatar.php, admin attachment.php and attachment.php to reduce the risk of exploitation, and avoid relying on the attachment parameter of attachment.php until the issue is resolved.
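Both issues in the description come from taking a user-supplied name, joining it to a directory path and acting on the result without confining it to that directory, and from answering differently when the target is missing. The following PHP is an added example written for this entry; it is not AZbb code and does not reflect how AZbb 1.0.08 fixed the bug. The directory constant ATTACHMENT_DIR and the function names resolveAttachment and serveAttachment are assumed for illustration. It shows the two mitigations together: the name is reduced to a plain file name and the resolved path is checked to remain under the attachments directory, and every failure (rejected name, missing file, symlink escaping the directory) produces the same 404 response so the endpoint cannot be used to learn whether an arbitrary file exists.

```php
<?php
// Added example (not AZbb code): confine a user-supplied attachment name to a
// fixed attachments directory and give one uniform answer for every failure,
// so the endpoint neither follows traversal nor acts as a file-existence oracle.
declare(strict_types=1);

const ATTACHMENT_DIR = __DIR__ . '/attachments'; // assumed location

/**
 * Returns the canonical path of an existing attachment inside $baseDir, or
 * null for anything else: traversal attempts, path separators, NUL bytes,
 * dot segments, or a file that simply does not exist.
 */
function resolveAttachment(string $baseDir, string $name): ?string
{
    // Accept only a plain file name: no '/', no '\', no NUL, no '.' or '..'.
    if ($name === '' || $name === '.' || $name === '..'
        || strpbrk($name, "/\\\0") !== false) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory missing or unreadable
    }

    $candidate = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($candidate === false || !is_file($candidate)) {
        return null; // missing file: indistinguishable from a rejected name
    }

    // Defence in depth: even if a symlink inside the directory points
    // elsewhere, the resolved path must still start with the base directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    return $candidate;
}

// Request handler: every failure path yields the same status and body.
function serveAttachment(string $requested): void
{
    $path = resolveAttachment(ATTACHMENT_DIR, $requested);
    if ($path === null) {
        http_response_code(404);
        header('Content-Type: text/plain');
        echo "Attachment not found\n";
        return;
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    readfile($path);
}

if (PHP_SAPI === 'cli') {
    // Constructed demo for the command line: a temporary attachments directory
    // holding one real file, probed with a valid name, a traversal attempt and
    // a missing name. The last two are both answered with null.
    $dir = sys_get_temp_dir() . '/azbb_demo_' . bin2hex(random_bytes(4));
    mkdir($dir, 0700);
    file_put_contents($dir . '/report.txt', "constructed sample content\n");
    var_dump(resolveAttachment($dir, 'report.txt'));
    var_dump(resolveAttachment($dir, '../outside.txt'));
    var_dump(resolveAttachment($dir, 'missing.txt'));
    unlink($dir . '/report.txt');
    rmdir($dir);
} else {
    serveAttachment((string)($_GET['attachment'] ?? ''));
}
```

Run it with `php` on the command line to see the three probes; under a web server it behaves as the hardened endpoint. The same resolveAttachment check applies unchanged to an administrative delete action: the admin pages in this entry were dangerous because the privileged operation (unlink) was performed on an unconfined path, so confinement matters regardless of who is authenticated.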


Related Identifiers: CVE-2005-1201

Affected Products: Azbb