3 matches found
phpXplorer 0.9.33 Action.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16292/info phpXplorer is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...
CVE-2006-0434
Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." dot dot sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files...
phpXplorer file inclusion
site:www.phpxplorer.org ------------------------------------------------ http://victim/folder/system/action.php?sShare=guest&sAction=../../../../../../../../../../../../etc/passwd00 ------------------------------------------------- example:...