Unrated severityNVD Advisory· Published Sep 20, 2005· Updated Apr 16, 2026

CVE-2005-2997

Description

Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php.

Affected products

Bugada Andrea/PHP Advanced Transfer Manager
cpe:2.3:a:bugada_andrea:php_advanced_transfer_manager:1.30:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rgod.altervista.org/phpatm130.htmlnvdExploit
secunia.com/advisories/16867nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000