Vulnerabilities > CVE-2005-4074 - Local File Include vulnerability in Mycfnuke CF Nuke 4.6

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

mycfnuke

exploit available

NVD

Published: 2005-12-08

Updated: 2017-07-20

Summary

Directory traversal vulnerability in index.cfm in CF_Nuke 4.6 and earlier, when Sandbox Security is disabled, allows remote attackers to include arbitrary local .cfm files via a .. (dot dot) in the (1) sector or (2) page parameters.

Vulnerable Configurations

Part	Description	Count
Application	Mycfnuke Mycfnuke CF Nuke 4.6	1

Exploit-Db

description	CF_Nuke 4.6 Index.CFM Local File Include Vulnerability. CVE-2005-4074 . Webapps exploit for cfm platform
id	EDB-ID:26766
last seen	2016-02-03
modified	2005-12-08
published	2005-12-08
reporter	r0t
source	https://www.exploit-db.com/download/26766/
title	CF_Nuke 4.6 Index.CFM Local File Include Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References