Vulnerability   
Search   
    Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:10574
Category:Web application abuses
Title:PHPix Directory Traversal Vulnerability
Summary:PHPix is prone to a directory traversal vulnerability.
Description:Summary:
PHPix is prone to a directory traversal vulnerability.

Vulnerability Insight:
PHPix allows an attacker to read arbitrary files on the remote
web server, prefixing the path name of the file with '..%2F..%2F..'. As an example the following:

GET /Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0

will return all the files that are nested within /etc directory.

Solution:
Contact your vendor for the latest software release.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2000-0919
BugTraq ID: 1773
http://www.securityfocus.com/bid/1773
Bugtraq: 20001007 PHPix advisory (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2000-10/0117.html
http://www.osvdb.org/472
XForce ISS Database: phpix-dir-traversal(5331)
https://exchange.xforce.ibmcloud.com/vulnerabilities/5331
CopyrightCopyright (C) 2005 Zorgon

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2025 E-Soft Inc. All rights reserved.