CVE-2005-4376
published 2005-12-20CVE-2005-4376: Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.
PriorityP426medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.45%
70.1th percentile
Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| box_uk | amaxus | <= 3 | — |
| box_uk | amaxus | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gw88-r7fv-vm9q: Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via "
ghsa_unreviewed·2022-05-01
CVE-2005-4376 [MEDIUM] GHSA-gw88-r7fv-vm9q: Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via "
Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.
GHSA
GHSA-gc4c-2wvp-mgjx: Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change paramet
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2005-4375 [MEDIUM] GHSA-gc4c-2wvp-mgjx: Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change paramet
Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2005-12-20
Published