CVE-2005-0258

2005-03-14T05:00:00
ID CVE-2005-0258
Type cve
Reporter cve@mitre.org
Modified 2008-09-10T19:35:00

Description

Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery avatars enabled, allows remote attackers to delete (unlink) arbitrary files via "/../" sequences in the avatarselect parameter.