Описание
Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.
Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1162
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25119
- http://hamid.ir/security/nodez.txt
- http://secunia.com/advisories/19165
- http://securitytracker.com/id?1015747
- http://www.osvdb.org/23774
- http://www.securityfocus.com/bid/17066
- http://www.vupen.com/english/advisories/2006/0899
EPSS
CVE ID
Связанные уязвимости
Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.
EPSS