2 matches found
Directory traversal
Directory traversal vulnerability in parser/include/class.cachephpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840...
CVE-2005-1840
CVE-2005-1840 describes a directory traversal vulnerability in phpCMS 1.2.x before 1.2.1pl2, where an attacker can read or include arbitrary files by manipulating the language parameter to parser.php (via a .. path traversal). Affects phpCMS 1.2.x line; vulnerability demonstrated by using a dot-d...