CVE-2006-6262

Опубликовано: 04 дек. 2006

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Klemen Stirn) MBoard 1.22 and earlier allows remote attackers to create arbitrary empty files via a .. (dot dot) in the orig_id parameter.

Ссылки

http://secunia.com/advisories/23129
Patch
Vendor Advisory
http://securityreason.com/securityalert/1988
http://www.mayhemiclabs.com/advisories/MHL-2006-004.txt
Patch
Vendor Advisory
http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006004
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/452772/100/0/threaded
http://www.securityfocus.com/bid/21304
http://www.vupen.com/english/advisories/2006/4769
https://exchange.xforce.ibmcloud.com/vulnerabilities/30558
http://secunia.com/advisories/23129
Patch
Vendor Advisory
http://securityreason.com/securityalert/1988
http://www.mayhemiclabs.com/advisories/MHL-2006-004.txt
Patch
Vendor Advisory
http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006004
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/452772/100/0/threaded
http://www.securityfocus.com/bid/21304
http://www.vupen.com/english/advisories/2006/4769
https://exchange.xforce.ibmcloud.com/vulnerabilities/30558

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpjunkyard:phpjunkyard_mboard:*:*:*:*:*:*:*:*

Версия до 1.22 (включая)

EPSS

Процентиль: 89%

0.05003

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-prrf-57xv-6pwh

github

почти 4 года назад