Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-1201.
AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in AZBB forum software, including arbitrary file deletion, file inclusion, and file enumeration. It provides code snippets, root cause analysis, and mitigation guidance.
Description
Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist.
Exploits (1)
This is a detailed technical analysis of multiple vulnerabilities in AZBB forum software, including arbitrary file deletion, file inclusion, and file enumeration. It provides code snippets, root cause analysis, and mitigation guidance.