Vulnerability Details CVE-2004-2256
Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. sequences in the lang (language) variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.047
EPSS Ranking 89.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0906.html
- http://secunia.com/advisories/11640
- http://securitytracker.com/id?1010190
- http://www.phpmyfaq.de/advisory_2004-05-18.php
- http://www.securityfocus.com/archive/1/363636
- http://www.securityfocus.com/bid/10377
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16223
- http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0906.html
- http://secunia.com/advisories/11640
- http://securitytracker.com/id?1010190
- http://www.phpmyfaq.de/advisory_2004-05-18.php
- http://www.securityfocus.com/archive/1/363636
- http://www.securityfocus.com/bid/10377
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16223