CVE-2006-2747
CVE-2006-2747
Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. (dot dot) sequence and trailing null (%00) byte in the subsite parameter in a showsubsite todo.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/27926unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/20373http://securityreason.com/securityalert/1009http://securitytracker.com/id?1016180https://exchange.xforce.ibmcloud.com/vulnerabilities/26724http://www.securityfocus.com/archive/1/435365/100/0/threadedhttp://www.securityfocus.com/bid/18185http://www.vupen.com/english/advisories/2006/2065