CVE-2005-4160
published 2005-12-11CVE-2005-4160: Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via "../" sequences in the query string…
PriorityP431medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.07%
86.0th percentile
Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via "../" sequences in the query string argument.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| torrential | torrential | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v8wj-8g43-8vw2: Directory traversal vulnerability in getdox
ghsa_unreviewed·2022-05-01
CVE-2005-4160 [MEDIUM] GHSA-v8wj-8g43-8vw2: Directory traversal vulnerability in getdox
Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via "../" sequences in the query string argument.
GHSA
GHSA-9w4g-4569-rg67: Cross-site scripting (XSS) vulnerability in getdox
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2005-4253 [MEDIUM] GHSA-9w4g-4569-rg67: Cross-site scripting (XSS) vulnerability in getdox
Cross-site scripting (XSS) vulnerability in getdox.php in Torrential 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL. NOTE: this might be resultant from CVE-2005-4160.
No detection rules found.
No writeups or analysis indexed.
http://securitytracker.com/id?1015338http://www.osvdb.org/21305http://www.securityfocus.com/archive/1/419103/100/0/threadedhttp://www.securityfocus.com/bid/15530https://exchange.xforce.ibmcloud.com/vulnerabilities/23219http://securitytracker.com/id?1015338http://www.osvdb.org/21305http://www.securityfocus.com/archive/1/419103/100/0/threadedhttp://www.securityfocus.com/bid/15530https://exchange.xforce.ibmcloud.com/vulnerabilities/23219
2005-12-11
Published