Vulnerabilities > CVE-2005-3948 - Unspecified vulnerability in PHPalbum.Net PHPalbum
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpalbum-net
exploit available
Summary
Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description PHPAlbum 0.2.3/4.1 Local File Include Vulnerability. CVE-2005-3948. Webapps exploit for php platform id EDB-ID:26668 last seen 2016-02-03 modified 2005-11-30 published 2005-11-30 reporter r0t3d3Vil source https://www.exploit-db.com/download/26668/ title PHPAlbum 0.2.3/4.1 - Local File Include Vulnerability description PHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities. CVE-2005-3948,CVE-2011-4806,CVE-2011-4807. Webapps exploit for php platform file exploits/php/webapps/18045.txt id EDB-ID:18045 last seen 2016-02-02 modified 2011-10-29 platform php port published 2011-10-29 reporter BHG Security Center source https://www.exploit-db.com/download/18045/ title PHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities type webapps
References
- http://pridels0.blogspot.com/2005/11/phpalbum-local-file-include-vuln.html
- http://pridels0.blogspot.com/2005/11/phpalbum-local-file-include-vuln.html
- http://www.osvdb.org/21410
- http://www.osvdb.org/21410
- http://www.phpalbum.net/dw
- http://www.phpalbum.net/dw
- http://www.securityfocus.com/bid/15651
- http://www.securityfocus.com/bid/15651