VYPR
Unrated severityNVD Advisory· Published Nov 30, 2005· Updated Jun 16, 2026

CVE-2005-3929

CVE-2005-3929

Description

Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Xaraya/Xaraya5 versions
    cpe:2.3:a:xaraya:xaraya:1.0_rc1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:xaraya:xaraya:1.0_rc1:*:*:*:*:*:*:*
    • cpe:2.3:a:xaraya:xaraya:1.0_rc2:*:*:*:*:*:*:*
    • cpe:2.3:a:xaraya:xaraya:1.0_rc3:*:*:*:*:*:*:*
    • cpe:2.3:a:xaraya:xaraya:1.0_rc4:*:*:*:*:*:*:*
    • (no CPE)range: <=1.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.