Directory Traversal Vulnerability in BibORB 1.3.2 and Earlier: Arbitrary File Deletion via Database_Name Parameter

Directory Traversal Vulnerability in BibORB 1.3.2 and Earlier: Arbitrary File Deletion via Database_Name Parameter

CVE-2005-0253 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter.

Learn more about our Web Application Penetration Testing UK.