Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.
References
Link | Resource |
---|---|
http://secunia.com/advisories/23585 | |
http://securitytracker.com/id?1017447 | Exploit |
http://www.kapda.ir/advisory-458.html | Exploit Vendor Advisory |
http://www.securityfocus.com/bid/21786 | Exploit |
http://www.vupen.com/english/advisories/2007/0023 | |
http://secunia.com/advisories/23585 | |
http://securitytracker.com/id?1017447 | Exploit |
http://www.kapda.ir/advisory-458.html | Exploit Vendor Advisory |
http://www.securityfocus.com/bid/21786 | Exploit |
http://www.vupen.com/english/advisories/2007/0023 |
Configurations
History
21 Nov 2024, 00:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/23585 - | |
References | () http://securitytracker.com/id?1017447 - Exploit | |
References | () http://www.kapda.ir/advisory-458.html - Exploit, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/21786 - Exploit | |
References | () http://www.vupen.com/english/advisories/2007/0023 - |
Information
Published : 2006-12-29 11:28
Updated : 2024-11-21 00:23
NVD link : CVE-2006-6814
Mitre link : CVE-2006-6814
CVE.ORG link : CVE-2006-6814
JSON object : View
Products Affected
hosting_controller
- hosting_controller
CWE