CVE-2005-4095

high

Description

Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/23518

http://www.vupen.com/english/advisories/2005/2771

http://www.osvdb.org/21464

http://securitytracker.com/id?1015308

http://secunia.com/advisories/1015308

Details

Source: Mitre, NVD

Published: 2005-12-08

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.11964