| |
Vulnerability CVE-2005-3156
Published: 2005-10-05 Modified: 2012-02-12
| Description: |
Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal. |
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://marc.theaimsgroup.com/?l=bugtraq&m=112812059917394&w=2
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
