CVE-2005-0796
published 2005-05-02CVE-2005-0796: Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in…
PriorityP427medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
3.03%
85.8th percentile
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in the vote_filename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2005-05-02
Published