CVE-2005-3789
Published 2005-11-24
CVE-2005-3789: Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter…
Priority: P4 26 | medium | 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 3.42% (87.4th percentile)
Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpwcms | phpwcms | — | — |
No detection rules found.
Exploit-DB
PHPWCMS 1.2.5 -DEV - 'imgdir' Traversal Arbitrary File Access
exploitdb·2005-11-15
---
source: https://www.securityfocus.com/bid/15436/info
phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer.
http://www.example.com/phpwcms/img/random_image.php?imgdir=../../../etc/
Exploit-DB
PHPWCMS 1.2.5 -DEV - 'login.php?form_lang' Traversal Arbitrary File Access
exploitdb·2005-11-15
---
source: https://www.securityfocus.com/bid/15436/info
phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer.
http://www.example.com/phpwcms/login.php?form_lang=../../../../../../../../etc/passwd%00
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=113207712719472&w=2
http://secunia.com/advisories/17590/
http://www.securityfocus.com/bid/15436/
http://www.vupen.com/english/advisories/2005/2452
Published: 2005-11-24