Vulnerabilities > CVE-2005-2952 - Remote Directory Traversal vulnerability in Subscribe Me Pro S.PL

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
subscribe-me-pro
exploit available
NVD
Published: 2005-09-16
Updated: 2017-07-11

Summary

Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.

Vulnerable Configurations

Part Description Count
Application
Subscribe_Me_Pro
1

Exploit-Db

descriptionSubscribe Me Pro 2.44 S.PL Remote Directory Traversal Vulnerability. CVE-2005-2952. Webapps exploit for php platform
idEDB-ID:26252
last seen2016-02-03
modified2005-09-13
published2005-09-13
reporterh4cky0u
sourcehttps://www.exploit-db.com/download/26252/
titleSubscribe Me Pro 2.44 S.PL Remote Directory Traversal Vulnerability

References