CVE-2005-2786 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-2786

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read arbitrary files via .. sequences in the file parameter.

Affected Software

Name	Vendor	Start Version	End Version
Cosmoshop	Cosmoshop	8.10.78 (including)	8.10.78 (including)

References

http://marc.info/?l=bugtraq\u0026m=112534390600093\u0026w=2
http://secunia.com/advisories/16625/
http://marc.info/?l=bugtraq\u0026m=112534390600093\u0026w=2
http://secunia.com/advisories/16625/