CVE-2011-0405

N/A Unknown

Published: January 11, 2011 Modified: April 29, 2026

Description

Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/70295

Source: cve@mitre.org

http://secunia.com/advisories/42786

Source: cve@mitre.org

Vendor Advisory

http://sourceforge.net/projects/phpgedview/forums/forum/185166/topic/4040059

Source: cve@mitre.org

Exploit

http://sourceforge.net/tracker/?func=detail&aid=3152857&group_id=55456&atid=477081

Source: cve@mitre.org

Patch

http://www.exploit-db.com/exploits/15913

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/45674

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/0036

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/64733

Source: cve@mitre.org

http://osvdb.org/70295