VYPR
Unrated severityNVD Advisory· Published Jun 2, 2005· Updated Jun 16, 2026

CVE-2005-1840

CVE-2005-1840

Description

Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. (dot dot) in the language parameter to parser.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Phpcms/Phpcms5 versions
    cpe:2.3:a:phpcms:phpcms:1.2.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:phpcms:phpcms:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:phpcms:phpcms:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phpcms:phpcms:1.2.1_p12:*:*:*:*:*:*:*
    • cpe:2.3:a:phpcms:phpcms:1.2.1_pl1:*:*:*:*:*:*:*
    • (no CPE)range: <1.2.1pl2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.