Lucene search
HistoryMay 24, 2005 - 4:00 a.m.
CVE-2005-1699
cve
directory traversal
pnadminapi.php
xanthia module
postnuke 0.760-rc3
remote administrators
arbitrary files
6.6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
36.4%
Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a … (dot dot) in the skin parameter.
Affected configurations
Node
postnuke_software_foundationpostnukeMatch0.760_rc3
| CPE | Name | Operator | Version |
|---|---|---|---|
| postnuke_software_foundation:postnuke | postnuke software foundation postnuke | eq | 0.760_rc3 |
Related
cvelist
cvelist
CVE-2005-1699
2005-05-24 04:00:00
nvd
nvd
CVE-2005-1699
2005-05-24 04:00:00
nessus
nessus
PostNuke <= 0.760 RC4a Multiple Vulnerabilities
2005-05-23 00:00:00
6.6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
36.4%
Related for CVE-2005-1699