Vulnerability Details CVE-2005-3948
Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 89.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://pridels0.blogspot.com/2005/11/phpalbum-local-file-include-vuln.html
- http://www.osvdb.org/21410
- http://www.phpalbum.net/dw
- http://www.securityfocus.com/bid/15651
- http://pridels0.blogspot.com/2005/11/phpalbum-local-file-include-vuln.html
- http://www.osvdb.org/21410
- http://www.phpalbum.net/dw
- http://www.securityfocus.com/bid/15651
Products affected by CVE-2005-3948
-
cpe:2.3:a:phpalbum.net:phpalbum:*