NVD

Id
72314  
Name
CVE-2004-1937  
Description
Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to read or include arbitrary files via .. sequences in (1) the user_langue parameter to index.php or (2) the langue parameter to update.php, or modify arbitrary GLOBAL variables by causing globals.php to be loaded before conf.inc.php via (3) .. sequences in the file parameter with the page parameter set to globals, or (4) ../globals.php in the user_langue parameter, as demonstrated by modifying $nuked[prefix] in the Suggest module.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-07-18  
Published
2004-12-31  
Modified Date
2017-07-10  
Seq
2004-1937  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
373308 72314 CVE-2004-1937 20040417 [SCSA-028] Nuked-Klan Multiple Vulnerabilities  View
373309 72314 CVE-2004-1937 http://www.phpsecure.info/v2/tutos/frog/Nuked-KlaN.txt  View
373310 72314 CVE-2004-1937 10104  View
373311 72314 CVE-2004-1937 nuked-klan-file-include(15843)  View
373312 72314 CVE-2004-1937 nuked-klan-configurtion-corruption(15844)  View

Related JVN