Vulnerabilities > CVE-2005-3948 - Local File Include vulnerability in PHPAlbum

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
phpalbum-net
exploit available

Summary

Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.

Vulnerable Configurations

Part Description Count
Application
Phpalbum.Net
1

Exploit-Db

  • descriptionPHPAlbum 0.2.3/4.1 Local File Include Vulnerability. CVE-2005-3948. Webapps exploit for php platform
    idEDB-ID:26668
    last seen2016-02-03
    modified2005-11-30
    published2005-11-30
    reporterr0t3d3Vil
    sourcehttps://www.exploit-db.com/download/26668/
    titlePHPAlbum 0.2.3/4.1 - Local File Include Vulnerability
  • descriptionPHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities. CVE-2005-3948,CVE-2011-4806,CVE-2011-4807. Webapps exploit for php platform
    fileexploits/php/webapps/18045.txt
    idEDB-ID:18045
    last seen2016-02-02
    modified2011-10-29
    platformphp
    port
    published2011-10-29
    reporterBHG Security Center
    sourcehttps://www.exploit-db.com/download/18045/
    titlePHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities
    typewebapps