2 matches found
Directory traversal
Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this information is unknown; the detail...
CVE-2006-4190
CVE-2006-4190 is a directory traversal vulnerability in the AutoHTML module for PHP-Nuke, exploitable via a .. in the name parameter of a modload operation within autohtml.php. The affected component is the AutoHTML module’s autohtml.php; root cause is improper handling of the filename parameter ...