Penetration Testing UK

CVE-2005-2997

CVE-2005-2997

Severity Score

5.0

Access Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

Summary

Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php.

Learn more about our Penetration Testing services.