Simple PHP Blog Dir Traversal Network Vulnerability

Summary

The remote host runs Simple PHP Blog, an open source blog written in PHP, which allows for retrieval of arbitrary files from the web server. These issues are due to a failure of the application to properly sanitize user-supplied input data.

Solution

Upgrade at least to version 0.3.7 r2.

Severity

Classification

CVE CVE-2005-0214

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Use LDAP search request to retrieve information from NT Directory Services
Music Daemon File Disclosure
WebLogic Server /%00/ bug
Check for Apache Multiple / vulnerability
IlohaMail Arbitrary File Access via Language Variable

Simple PHP Blog dir traversal

Take action and discover your vulnerabilities