{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2005-07-13T04:00:00Z",
  "id": "CVE-2005-2256",
  "details": "Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via \"%2e%2e%2f\" (encoded dot dot) sequences in the formLanguage parameter.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/15941"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/16116"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2005/dsa-759"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vuxml.org/freebsd/88188a8c-eff6-11d9-8310-0001020eed82.html"
    },
    {
      "type": "EVIDENCE",
      "url": "http://securitytracker.com/id?1014414"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.securityfocus.com/bid/14142"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/dailydave/2005-q3/0010.html"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=342261"
    }
  ]
}