PhpAuction 2.5 Directory Traversal Vulnerability

PhpAuction 2.5 Directory Traversal Vulnerability

CVE-2005-2255 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php.

Learn more about our Web Application Penetration Testing UK.