CVE-2005-0795

Published: Mar 20, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20050315 Virginity Security Advisory 2005-001 : Hola CMS - File destruction and System access

mailing-list

x_refsource_BUGTRAQ

http://www.holacms.de/?content=changelog

x_refsource_CONFIRM

14566

third-party-advisory

x_refsource_SECUNIA

hola-votefilename-directory-traversal(19672)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-0795

Description

Affected Products

References