CVE Vulnerabilities

CVE-2004-0127

Published: Mar 03, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.

Affected Software

Name Vendor Start Version End Version
Phpgedview Phpgedview 2.52.3 2.52.3
Phpgedview Phpgedview 2.60 2.60
Phpgedview Phpgedview 2.61 2.61
Phpgedview Phpgedview 2.61.1 2.61.1
Phpgedview Phpgedview 2.65 2.65
Phpgedview Phpgedview 2.65.1 2.65.1

References