Vulnerabilities > CVE-2005-2951 - Directory Traversal vulnerability in Azerbaijan Development Group Azdgdating 2.1.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | AzDGDatingLite <= 2.1.3 Remote Code Execution Exploit. CVE-2005-2951. Webapps exploit for php platform |
id | EDB-ID:1214 |
last seen | 2016-01-31 |
modified | 2005-09-13 |
published | 2005-09-13 |
reporter | rgod |
source | https://www.exploit-db.com/download/1214/ |
title | AzDGDatingLite <= 2.1.3 - Remote Code Execution Exploit |