Vulnerabilities > CVE-2005-2686 - Directory Traversal vulnerability in Savewebportal 3.4

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
savewebportal
NVD
Published: 2005-08-24
Updated: 2008-09-05

Summary

Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.

Vulnerable Configurations

Part Description Count
Application
Savewebportal
1

References