CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2255

Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 89.0%

CVSS Severity

CVSS v2 Score 6.4

References

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0906.html
http://secunia.com/advisories/11640
http://securitytracker.com/id?1010190
http://www.osvdb.org/6300
http://www.phpmyfaq.de/advisory_2004-05-18.php
http://www.securityfocus.com/bid/10374
https://exchange.xforce.ibmcloud.com/vulnerabilities/16177
http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0906.html
http://secunia.com/advisories/11640
http://securitytracker.com/id?1010190
http://www.osvdb.org/6300
http://www.phpmyfaq.de/advisory_2004-05-18.php
http://www.securityfocus.com/bid/10374
https://exchange.xforce.ibmcloud.com/vulnerabilities/16177

Products affected by CVE-2004-2255

Phpmyfaq » Phpmyfaq » Version: 1.3.12

cpe:2.3:a:phpmyfaq:phpmyfaq:1.3.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2255

Products

Pricing

Contact Us