CVE-2005-3548
Invision Power Board 2.0.1 - Path Traversal via Task PHP File To Run Field
Title source: llmDescription
Directory traversal vulnerability in Task Manager in Invision Power Board (IP.Board) 2.0.1 allows limited remote attackers to include files via a .. (dot dot) in the "Task PHP File To Run" field.
References (4)
Core 4
Core References
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17443
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/415798/30/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/35429
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40000
Scores
EPSS
0.0131
EPSS Percentile
67.1%
Details
CWE
CWE-22
Status
published
Products (1)
invision_power_services/invision_board
2.0.1
Published
Nov 16, 2005
Tracked Since
Feb 18, 2026