Lucene search

[email protected]CVE-2005-2997

HistorySep 20, 2005 - 10:03 p.m.

CVE-2005-2997

2005-09-2022:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

php

advanced transfer manager

vulnerability

directory traversal

remote code execution

nvd

cve-2005-2997

7.8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

64.6%

JSON

Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via “…” sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php.

CPENameOperatorVersion
bugada_andrea:php_advanced_transfer_managerbugada andrea php advanced transfer managereq1.30

CPE	Name	Operator	Version
bugada_andrea:php_advanced_transfer_manager	bugada andrea php advanced transfer manager	eq	1.30

References

rgod.altervista.org/phpatm130.html

secunia.com/advisories/16867

7.8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

64.6%

JSON