Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.
References
| Link | Resource |
|---|---|
| http://marc.info/?l=bugtraq&m=112662785418368&w=2 | |
| http://secunia.com/advisories/16796/ | Patch Vendor Advisory |
| http://securityreason.com/securityalert/4 | |
| http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt | Exploit Patch Vendor Advisory |
| http://www.securityfocus.com/bid/14817 | Exploit Patch |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22249 | |
| http://marc.info/?l=bugtraq&m=112662785418368&w=2 | |
| http://secunia.com/advisories/16796/ | Patch Vendor Advisory |
| http://securityreason.com/securityalert/4 | |
| http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt | Exploit Patch Vendor Advisory |
| http://www.securityfocus.com/bid/14817 | Exploit Patch |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22249 |
Configurations
History
21 Nov 2024, 00:00
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://marc.info/?l=bugtraq&m=112662785418368&w=2 - | |
| References | () http://secunia.com/advisories/16796/ - Patch, Vendor Advisory | |
| References | () http://securityreason.com/securityalert/4 - | |
| References | () http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt - Exploit, Patch, Vendor Advisory | |
| References | () http://www.securityfocus.com/bid/14817 - Exploit, Patch | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22249 - |
Information
Published : 2005-09-16 22:03
Updated : 2024-11-21 00:00
NVD link : CVE-2005-2952
Mitre link : CVE-2005-2952
CVE.ORG link : CVE-2005-2952
JSON object : View
Products Affected
subscribe_me_pro
- subscribe_me_pro
CWE