Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyFAQ Other Vulnerability - CVE-2005-3048 - Vulnerability Database
phpMyFAQ

phpMyFAQ Other Vulnerability - CVE-2005-3048

Medium
Reference: CVE-2005-3048
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2005-3048
Title: phpMyFAQ Other Vulnerability
Overview:

Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter which also allows direct code injection via the User Agent field in a request packet which can be activated by using LANGCODE to reference the user tracking data file.