CVE-2006-6186 Information

Description

Multiple directory traversal vulnerabilities in enomphp 4.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter to (1) config.php (2) ranklv_inside.php (3) rankml_inside.php and (4) admin/Restore/config.php.

Reference

http://securityreason.com/securityalert/1940 http://www.attrition.org/pipermail/vim/2006-November/001152.html http://www.securityfocus.com/archive/1/452123/100/100/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/30437