PhpAuction 2.5 Directory Traversal Vulnerability
CVE-2005-2255 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:P/A:N
Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php.
Learn more about our Web Application Penetration Testing UK.