CVE-2005-0796
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-0796
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in the vote_filename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
HolaCMS目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
HolaCMS 1.4.9-1中的目录遍历漏洞,允许远程攻击者通过在vote_filename参数的"holaDB/votes"后跟..(点点)来重写任意文件,从而绕过HolaCMS的检查以确保文件位于holaDB/votes目录下。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-0796
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-0796
请登录查看更多情报信息。
- http://www.holacms.de/?content=changelogx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2005-0796
Same Patch Batch · n/a · 2005-03-20 · 63 CVEs total
| CVE-2005-0803 | Microsoft Windows图形设备接口库拒绝服务漏洞 | |
| CVE-2005-0817 | Symantec Gateway Security未明远程DNS缓存中毒漏洞 | |
| CVE-2005-0820 | Microsoft InfoPath 2003不安全信息存储漏洞 | |
| CVE-2005-0819 | Novell Netware Xsession未授权服务器控制台访问漏洞 | |
| CVE-2005-0818 | PunBB 跨站脚本攻击漏洞 | |
| CVE-2005-0808 | Apache Tomcat 拒绝服务漏洞 | |
| CVE-2005-0807 | Massimiliano Montoro Cain & Abel PSK程序远程堆缓冲区溢出漏洞 | |
| CVE-2005-0806 | Novell Evolution未明拒绝服务漏洞 | |
| CVE-2005-0805 | Subdreamer SQL注入漏洞 | |
| CVE-2005-0804 | MailEnable远程格式串处理漏洞 | |
| CVE-2005-0809 | NotifyLink Enterprise Server多个弱口令漏洞 | |
| CVE-2005-0802 | ACS Blog Search.ASP 跨站脚本漏洞 | |
| CVE-2005-0801 | Includer的includer.cgi目录遍历漏洞 | |
| CVE-2005-0800 | McNews install.php远程任意文件包含漏洞 | |
| CVE-2005-0799 | Oracle MySQL 安全漏洞 | |
| CVE-2005-0798 | Novell iChain Mini FTP 服务 登录用户数量错误漏洞 | |
| CVE-2005-0797 | Novell iChain Mini FTP Server 有效帐号名泄露漏洞 | |
| CVE-2005-0795 | HolaCMS 投票模块 远程文件破坏漏洞 | |
| CVE-2005-0794 | ZPanel 'install.php'拒绝服务攻击漏洞 | |
| CVE-2005-0793 | Zpanel 远程文件包含漏洞 |
Showing top 20 of 63 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2005-0796
No comments yet