CVE-2006-3194

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-3194
Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter.

6.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/20724 Vendor Advisory
http://securityreason.com/securityalert/1135
http://www.securityfocus.com/archive/1/437716/100/0/threaded
http://www.securityfocus.com/bid/18518 Exploit
http://www.vupen.com/english/advisories/2006/2457
https://exchange.xforce.ibmcloud.com/vulnerabilities/27325
http://secunia.com/advisories/20724 Vendor Advisory
http://securityreason.com/securityalert/1135
http://www.securityfocus.com/archive/1/437716/100/0/threaded
http://www.securityfocus.com/bid/18518 Exploit
http://www.vupen.com/english/advisories/2006/2457
https://exchange.xforce.ibmcloud.com/vulnerabilities/27325
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:singapore:singapore:0.9.1_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.2_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.3_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.4_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.5_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.6_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.7_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.8_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.9a_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.9b_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.10_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9.11_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.9a_beta:*:*:*:*:*:*:*
cpe:2.3:a:singapore:singapore:0.10.0:*:*:*:*:*:*:*
History

21 Nov 2024, 00:13

Type Values Removed Values Added
References () http://secunia.com/advisories/20724 - Vendor Advisory () http://secunia.com/advisories/20724 - Vendor Advisory
References () http://securityreason.com/securityalert/1135 - () http://securityreason.com/securityalert/1135 -
References () http://www.securityfocus.com/archive/1/437716/100/0/threaded - () http://www.securityfocus.com/archive/1/437716/100/0/threaded -
References () http://www.securityfocus.com/bid/18518 - Exploit () http://www.securityfocus.com/bid/18518 - Exploit
References () http://www.vupen.com/english/advisories/2006/2457 - () http://www.vupen.com/english/advisories/2006/2457 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/27325 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/27325 -
Information

Published : 2006-06-23 00:02

Updated : 2024-11-21 00:13

NVD link : CVE-2006-3194

Mitre link : CVE-2006-3194

CVE.ORG link : CVE-2006-3194

JSON object : View

Products Affected

singapore

  • singapore
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024