2 matches found
CVE-2006-2952
The CVE-2006-2952 entry describes a directory traversal vulnerability in Net Portal Dynamic System (NPDS) versions 5.10 and earlier. The flaw allows remote attackers to read arbitrary files by crafting a .. (dot dot) path and a trailing null (%00) byte in specific parameters: (1) Default_Theme in...
CVE-2006-2952
Directory traversal vulnerability in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to read arbitrary files via a .. dot dot sequence and trailing null %00 byte in the 1 DefaultTheme parameter to header.php or 2 ModPath parameter to modules/cluster-paradise/cluster-E.php...