CVE-2006-6938 Information

Description

Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a as distributed before 2006 allows remote attackers to include arbitrary files via ..\ sequences in the root parameter.

Reference

http://www.securityfocus.com/bid/20810 https://exchange.xforce.ibmcloud.com/vulnerabilities/29904 https://www.exploit-db.com/exploits/2685