TorrentFlux dir.php dir Variable Traversal Arbitrary Directory List

{"id": "OSVDB:31523", "bulletinFamily": "software", "title": "TorrentFlux dir.php dir Variable Traversal Arbitrary Directory List", "description": "## Manual Testing Notes\nhttp://[target]/torrentfluxroot/dir.php?dir=../../../etc/\n## References:\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0435.html\n[CVE-2006-5609](https://vulners.com/cve/CVE-2006-5609)\nBugtraq ID: 20771\n", "published": "2006-10-26T00:06:01", "modified": "2006-10-26T00:06:01", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:31523", "reporter": "OSVDB", "references": [], "cvelist": ["CVE-2006-5609"], "type": "osvdb", "lastseen": "2017-04-28T13:20:27", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "abfa378561b769bc65595fcfe639e7b9"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "6edde8fd8f13f6c59859e7b3f709c5ad"}, {"key": "href", "hash": "e7acbe4280f3ea387a0cc65cbd882af5"}, {"key": "modified", "hash": "deccd9daa7cd674caca371785cd0b9af"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "deccd9daa7cd674caca371785cd0b9af"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "3aa3328d65fd47bdfd3c364195b93eb7"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "hash": "66e5095e54bb09691c356e65fe10e133828daf04c8fe913f3bf1a737c5908179", "viewCount": 0, "objectVersion": "1.2", "affectedSoftware": [], "enchantments": {"vulnersScore": 3.6}}

{"result": {"cve": [{"id": "CVE-2006-5609", "type": "cve", "title": "CVE-2006-5609", "description": "Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows remote attackers to list arbitrary directories via \"\\.\\./\" sequences in the dir parameter.", "published": "2006-10-30T18:07:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5609", "cvelist": ["CVE-2006-5609"], "lastseen": "2016-09-03T07:47:00"}], "seebug": [{"id": "SSV-82411", "type": "seebug", "title": "TorrentFlux 2.1 Dir.PHP Directory Traversal Vulnerability", "description": "Summary: \nTorrentFlux 2.1 dir. in php there is a directory traversal vulnerability, the remote attacker can via the dir parameter in the\"\\\\.\\\\./\" The sequence listed in any directory.\n", "published": "2014-07-01T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.seebug.org/vuldb/ssvid-82411", "cvelist": ["CVE-2006-5609"], "lastseen": "2016-08-06T02:59:11"}], "exploitdb": [{"id": "EDB-ID:28867", "type": "exploitdb", "title": "TorrentFlux 2.1 Dir.PHP Directory Traversal Vulnerability", "description": "TorrentFlux 2.1 Dir.PHP Directory Traversal Vulnerability. CVE-2006-5609. Webapps exploit for php platform", "published": "2006-10-27T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/28867/", "cvelist": ["CVE-2006-5609"], "lastseen": "2016-02-03T09:06:32"}]}}