1. Home
  2. CVE Database
  3. CVE-2005-1699
MEDIUM · 4.0

CVE-2005-1699

Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter.

Vulnerability Description

Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Postnuke Software FoundationPostnuke0.760_rc3

References

FAQ

What is CVE-2005-1699?

CVE-2005-1699 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter.

How severe is CVE-2005-1699?

CVE-2005-1699 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-1699?

Check the references section above for vendor advisories and patch information. Affected products include: Postnuke Software Foundation Postnuke.