Lucene search

[email protected]CVE-2006-2633

HistoryMay 30, 2006 - 10:02 a.m.

CVE-2006-2633

2006-05-3010:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2633

absolute path traversal

copy action

index.php

andrew godwin bytehoard 2.1

information security

vulnerability

7.1 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.1%

JSON

Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users’ directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter.

CPENameOperatorVersion
andrew_godwin:bytehoardandrew godwin bytehoardeq2.1_alpha
andrew_godwin:bytehoardandrew godwin bytehoardeq2.1_beta
andrew_godwin:bytehoardandrew godwin bytehoardeq2.1_delta
andrew_godwin:bytehoardandrew godwin bytehoardeq2.0.4
andrew_godwin:bytehoardandrew godwin bytehoardeq2.0_beta2
andrew_godwin:bytehoardandrew godwin bytehoardeq2.0.2
andrew_godwin:bytehoardandrew godwin bytehoardeq2.0.3
andrew_godwin:bytehoardandrew godwin bytehoardeq2.0_beta1
andrew_godwin:bytehoardandrew godwin bytehoardeq2.0.1
andrew_godwin:bytehoardandrew godwin bytehoardeq2.1_gamma

CPE	Name	Operator	Version
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.1_alpha
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.1_beta
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.1_delta
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.0.4
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.0_beta2
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.0.2
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.0.3
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.0_beta1
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.0.1
andrew_godwin:bytehoard	andrew godwin bytehoard	eq	2.1_gamma

Rows per page:

1-10 of 121

References

secunia.com/advisories/20304

securityreason.com/securityalert/968

sourceforge.net/forum/forum.php?forum_id=576219

sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199

www.securityfocus.com/archive/1/435135/100/0/threaded

www.securityfocus.com/bid/18139

www.vupen.com/english/advisories/2006/2033

exchange.xforce.ibmcloud.com/vulnerabilities/26705

7.1 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.1%

JSON

Related for CVE-2006-2633

prion1