2 matches found
CVE-2006-3050
CVE-2006-3050 affects SixCMS 6.0 and earlier versions up to 6.0.6patch2. A directory traversal flaw in detail.php can be exploited by supplying a template parameter containing a .. sequence and a trailing null byte (%00), allowing remote attackers to read arbitrary files. The NVD metrics indicate...
CVE-2006-3050
Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a .. dot dot sequence and trailing null %00 byte in the template parameter...