Vulnerabilities > CVE-2005-3910 - Directory Traversal vulnerability in Post Affiliate PRO Post Affiliate PRO 2.0.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |