Vulnerabilities > CVE-2005-4095 - Directory Traversal vulnerability in Docebolms 2.0.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | DoceboLMS <= 2.0.4 connector.php Shell Upload Exploit. CVE-2005-4095. Webapps exploit for php platform |
| id | EDB-ID:1356 |
| last seen | 2016-01-31 |
| modified | 2005-12-04 |
| published | 2005-12-04 |
| reporter | rgod |
| source | https://www.exploit-db.com/download/1356/ |
| title | DoceboLms <= 2.0.4 connector.php Shell Upload Exploit |
References
- http://rgod.altervista.org/docebo204_xpl.html
- http://secunia.com/advisories/1015308
- http://secunia.com/advisories/17896
- http://securitytracker.com/id?1015308
- http://www.osvdb.org/21464
- http://www.securityfocus.com/bid/15742
- http://www.vupen.com/english/advisories/2005/2771
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23518