PT-2005-2807 · Phpcms · Phpcms

Bernhard Mueller

Published

2005-06-02

Updated

2016-10-18

CVE-2005-1840

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions phpCMS versions 1.2.x through 1.2.1pl1

Description A directory traversal issue exists, allowing remote attackers to read or include arbitrary files. This can be achieved by using a .. (dot dot) in the language parameter to "parser.php".

Recommendations For phpCMS versions 1.2.x through 1.2.1pl1, update to version 1.2.1pl2 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1840

Affected Products

Phpcms

PT-2005-2807 · Phpcms · Phpcms

CVE-2005-1840

Related Identifiers

Affected Products

References · 6