VYPR
Unrated severityNVD Advisory· Published Jul 13, 2005· Updated Jun 16, 2026

CVE-2005-2255

CVE-2005-2255

Description

Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.