CVE-2006-6513

The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous behavior of the IsWinampFile function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:flippet.org:winamp_web_interface:*:*:*:*:*:*:*:*
cpe:2.3:a:flippet.org:winamp_web_interface:7.5.9:*:*:*:*:*:*:*
cpe:2.3:a:flippet.org:winamp_web_interface:7.5.11:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-14 01:28

Updated : 2024-02-28 11:01


NVD link : CVE-2006-6513

Mitre link : CVE-2006-6513

CVE.ORG link : CVE-2006-6513


JSON object : View

Products Affected

flippet.org

  • winamp_web_interface