CVE-2005-3948

Phpalbum < 0.2.3 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.

Exploits (2)

exploitdb WRITEUP VERIFIED
by r0t3d3Vil · textwebappsphp
https://www.exploit-db.com/exploits/26668
exploitdb WRITEUP
webappsphp
https://www.exploit-db.com/exploits/18045

References (4)

Scores

EPSS 0.0385
EPSS Percentile 88.0%

Classification

Status draft

Affected Products (1)

phpalbum.net/phpalbum < 0.2.3

Timeline

Published Dec 01, 2005
Tracked Since Feb 18, 2026