CVE-2005-2256
EPSS 12.5%phppgadmin - missing input sanitising
發布日:2005/7/13修改日:2026/4/28
也稱為:DEBIAN-CVE-2005-2256
描述
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
受影響套件(2)
- Debian/phppgadminfrom 0, < 3.5.4-1
- Debian/phppgadminfrom 0, < 3.5.2-5