CVE-2004-0127

Published: Mar 3, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.

Affected (6)

Products: Phpgedview: Phpgedview

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Phpgedview Phpgedview	Version 2.52.3
Phpgedview Phpgedview	Version 2.60
Phpgedview Phpgedview	Version 2.61.1
Phpgedview Phpgedview	Version 2.61
Phpgedview Phpgedview	Version 2.65.1
Phpgedview Phpgedview	Version 2.65

References (12)

http://secunia.com/advisories/10753/

Source: cve@mitre.org

http://www.osvdb.org/displayvuln.php?osvdb_id=3768

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/352355

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/9529

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securitytracker.com/id?1008892

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/15129

Source: cve@mitre.org

http://secunia.com/advisories/10753/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/displayvuln.php?osvdb_id=3768

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/352355

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/9529

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.securitytracker.com/id?1008892

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/15129

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.