CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-0132

Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 and possibly earlier allows remote attackers to include and execute arbitrary local PHP scripts, and possibly read other types of files, via a .. (dot dot) and a trailing null in the webftp_language parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://secunia.com/advisories/18355
http://www.securityfocus.com/archive/1/420973/100/0/threaded
http://www.securityfocus.com/bid/16175
http://www.vupen.com/english/advisories/2006/0090
https://exchange.xforce.ibmcloud.com/vulnerabilities/24018
http://secunia.com/advisories/18355
http://www.securityfocus.com/archive/1/420973/100/0/threaded
http://www.securityfocus.com/bid/16175
http://www.vupen.com/english/advisories/2006/0090
https://exchange.xforce.ibmcloud.com/vulnerabilities/24018

Products affected by CVE-2006-0132

Webftp » Webftp » Version: 1.2.6

cpe:2.3:a:webftp:webftp:1.2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-0132

Products

Pricing

Contact Us