Unrated severityNVD Advisory· Published Mar 3, 2004· Updated Jun 16, 2026
CVE-2004-0127
CVE-2004-0127
Description
Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.
Affected products
7cpe:2.3:a:phpgedview:phpgedview:2.52.3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:phpgedview:phpgedview:2.52.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpgedview:phpgedview:2.60:*:*:*:*:*:*:*
- cpe:2.3:a:phpgedview:phpgedview:2.61:*:*:*:*:*:*:*
- cpe:2.3:a:phpgedview:phpgedview:2.61.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpgedview:phpgedview:2.65:*:*:*:*:*:*:*
- cpe:2.3:a:phpgedview:phpgedview:2.65.1:*:*:*:*:*:*:*
- (no CPE)range: <=2.65.1
Patches
Vulnerability mechanics
References
6- www.securityfocus.com/archive/1/352355nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/9529nvdExploitPatchVendor Advisory
- secunia.com/advisories/10753/nvd
- www.osvdb.org/displayvuln.phpnvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15129nvd
News mentions
0No linked articles in our index yet.