CVE-2005-1571

Name of the Vulnerable Software and Affected Versions ShowOff! version 1.5.4

Description The issue allows remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts. This is due to multiple directory traversal vulnerabilities.

Recommendations For ShowOff! version 1.5.4, consider restricting access to the ShowAlbum, ShowVideo, and ShowGraphic scripts until a patch is available. As a temporary workaround, avoid using arguments with ".." sequences in these scripts to minimize the risk of exploitation.