Directory Traversal Vulnerability in Torrential by Unspecified Vendor
CVE-2005-4160

Currently unrated

Key Information:

Vendor: Unspecified Vendor
Status: Torrential
Vendor: CVE Published:; 11 December 2005

🔔 Create Unspecified Vendor Vulnerability Alert

What is CVE-2005-4160?

A directory traversal vulnerability exists in the Torrential 1.2 product's getdox.php script, allowing remote attackers to manipulate the file path in the query string through the use of '../' sequences. This flaw enables unauthorized access to sensitive files on the server, potentially leading to data disclosure. Proper input validation is crucial to mitigate such vulnerabilities.

References

http://www.securityfocus.com/bid/15530

vdb-entryx_refsource_BID

http://www.osvdb.org/21305

vdb-entryx_refsource_OSVDB

http://securitytracker.com/id?1015338

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2005
Vulnerability Reserved
Dec 11, 2005