Lucene search
MitreCVELIST:CVE-2006-1201HistoryMar 14, 2006 - 1:00 a.m.
CVE-2006-1201
2006-03-1401:00:00
mitre
www.cve.org
8
Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions before 2.0 Update 5, allows remote attackers to read arbitrary files via a … (dot dot) in the email parameter during a “Recover password” operation (recoverpw.php).
References
archives.neohapsis.com/archives/fulldisclosure/2006-02/0879.html
secunia.com/advisories/19127
www.eschew.net/scripts/phpbe/2.0/releasenotes.php
www.h4cky0u.org/advisories/HYSA-2006-004-phpbanner.txt
www.osvdb.org/23720
www.securityfocus.com/archive/1/426940/100/0/threaded
www.securityfocus.com/bid/16996
www.vupen.com/english/advisories/2006/0869
exchange.xforce.ibmcloud.com/vulnerabilities/25071
exchange.xforce.ibmcloud.com/vulnerabilities/25080
Related
nvd
nvd
CVE-2006-1201
2006-03-14 01:06:00
prion
prion
Directory traversal
2006-03-14 01:06:00
cve
cve
CVE-2006-1201
2006-03-14 01:06:00
nessus
nessus
phpBannerExchange Template Class Local File Inclusion
2006-03-27 00:00:00