CVE-2006-2280

2006-05-0923:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.017

Percentile

87.9%

JSON

Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote attackers to list arbitrary directories and read arbitrary files via a … (dot dot) in the template parameter.

References

secunia.com/advisories/20047

www.osvdb.org/25359

www.securityfocus.com/archive/1/433229/100/0/threaded

www.securityfocus.com/bid/17871

www.vupen.com/english/advisories/2006/1728

exchange.xforce.ibmcloud.com/vulnerabilities/26345