CVE-2005-2792

phpLDAPadmin <0.9.8 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by rgod · textwebappsphp

https://www.exploit-db.com/exploits/26211

View Code ZIP pw:eip

References (5)

Core 5

Core References

Exploit, Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16617/

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/22103

Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=112542447219235&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14695

Broken Link x_refsource_misc

http://www.rgod.altervista.org/phpldap.html

Scores

EPSS 0.1399

EPSS Percentile 94.4%

Details

CWE

CWE-22

Status published

Products (2)

phpldapadmin_project/phpldapadmin 0.9.6

phpldapadmin_project/phpldapadmin 0.9.7

Published Sep 02, 2005

Tracked Since Feb 18, 2026