CVE-2006-6033 Information
Feb 14, 2021
cve
Description
Multiple directory traversal vulnerabilities in Simple PHP Blog (SPHPBlog) probably 0.4.8 allow remote attackers to read arbitrary files and possibly include arbitrary PHP code via a .. (dot dot) sequence in the blog_theme parameter in (1) index.php (2) add_cgi.php (3) add_link.php (4) login.php (5) template.php or (6) contact.php.
Reference
http://securityreason.com/securityalert/1892 http://www.securityfocus.com/archive/1/451954/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/30383
Share on: