CVE-2005-0214

Description

Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files via a .. (dot dot) in the entry parameter.

Affected products

• alexander_palmo / simple_php_blog0.3.7c – 0.3.7c

References

• MISChttp://archives.neohapsis.com/archives/fulldisclosure/2005-01/0210.html
• MAILING_LISThttp://marc.info/?l=bugtraq&m=110512850603989&w=2
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/18802
• MISChttp://www.securityfocus.com/bid/12193