Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of the filename, as demonstrated by an avatar filename ending with .png%00.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00110.html - Vendor Advisory | |
References | () http://secunia.com/advisories/17479 - Vendor Advisory | |
References | () http://securityreason.com/securityalert/157 - | |
References | () http://www.hardened-php.net/advisory_212005.80.html - Vendor Advisory | |
References | () http://www.osvdb.org/20562 - | |
References | () http://www.securityfocus.com/bid/15354 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/23014 - |
Information
Published : 2005-12-20 11:03
Updated : 2024-11-21 00:04
NVD link : CVE-2005-4424
Mitre link : CVE-2005-4424
CVE.ORG link : CVE-2005-4424
JSON object : View
Products Affected
phpkit
- phpkit
CWE