Unrated severityNVD Advisory· Published Nov 30, 2005· Updated Apr 16, 2026
CVE-2005-3910
CVE-2005-3910
Description
merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability.
Affected products
1- cpe:2.3:a:post_affiliate_pro:post_affiliate_pro:2.0.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.