CVE Vulnerabilities

CVE-2005-3910

Published: Nov 30, 2005 | Modified: Oct 09, 2009

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

5 MEDIUM

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3910
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability.

Affected Software

Name	Vendor	Start Version	End Version
Post_affiliate_pro	Post_affiliate_pro	2.0.4 (including)	2.0.4 (including)

References

http://pridels0.blogspot.com/2005/11/post-affiliate-pro-20x-vuln.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.