Vulnerability Details CVE-2005-2892
Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.058
EPSS Ranking 90.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=112611338417979&w=2
- http://secunia.com/advisories/16711/
- http://securitytracker.com/alerts/2005/Sep/1014861.html
- http://www.securityfocus.com/bid/14765
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22185
- http://marc.info/?l=bugtraq&m=112611338417979&w=2
- http://secunia.com/advisories/16711/
- http://securitytracker.com/alerts/2005/Sep/1014861.html
- http://www.securityfocus.com/bid/14765
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22185