CVE-2006-4369

2006-08-2601:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.8%

JSON

Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.

References

marc.info/?l=full-disclosure&m=115641052418714&w=2

www.nukedx.com/?viewdoc=47

www.securityfocus.com/archive/1/444207/100/0/threaded

www.securityfocus.com/bid/19689

exchange.xforce.ibmcloud.com/vulnerabilities/28547

www.exploit-db.com/exploits/2250