CVE-2005-2686

Publication date

2005-08-24 04:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.