CVE Vulnerabilities

CVE-2005-2001

Published: Jun 15, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the action parameter.

Affected Software

Name Vendor Start Version End Version
Pafiledb Php_arena 1.1.3 1.1.3
Pafiledb Php_arena 2.1.1 2.1.1
Pafiledb Php_arena 3.0 3.0
Pafiledb Php_arena 3.0_beta_3.1 3.0_beta_3.1
Pafiledb Php_arena 3.1 3.1

References