CVE-2006-0244 Information

Feb 14, 2021 cve

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Directory traversal vulnerability in workspaces.php in phpXplorer 0.9.33 allows remote attackers to include arbitrary files via a .. (dot dot) and trailing null byte (00) in the sShare parameter. NOTE: a followup post claims that this is not a vulnerability since the functionality of phpXplorer supports the upload of PHP files which would not cross privilege boundaries since the PHP functionality would support read access outside the web root.

Reference

http://secunia.com/advisories/18518 http://securityreason.com/securityalert/353 http://www.arrelnet.com/advisories/adv20060116.html http://www.securityfocus.com/archive/1/421997/100/0/threaded http://www.securityfocus.com/archive/1/422158/100/0/threaded http://www.securityfocus.com/bid/16263 http://www.vupen.com/english/advisories/2006/0232 https://exchange.xforce.ibmcloud.com/vulnerabilities/39982

Share on: