Arbitrary File Read Vulnerability in PostNuke Xanthia Module

Arbitrary File Read Vulnerability in PostNuke Xanthia Module

CVE-2005-1699 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter.

Learn more about our Api Penetration Testing.