CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-2156

Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. (dot dot) sequences in the help_file parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.137

EPSS Ranking 93.8%

CVSS Severity

CVSS v2 Score 6.4

References

http://secunia.com/advisories/19886
http://securityreason.com/securityalert/829
http://www.osvdb.org/25149
http://www.securityfocus.com/archive/1/432716/100/0/threaded
http://www.securityfocus.com/bid/17777
http://www.vupen.com/english/advisories/2006/1608
https://exchange.xforce.ibmcloud.com/vulnerabilities/26218
https://www.exploit-db.com/exploits/1738
http://secunia.com/advisories/19886
http://securityreason.com/securityalert/829
http://www.osvdb.org/25149
http://www.securityfocus.com/archive/1/432716/100/0/threaded
http://www.securityfocus.com/bid/17777
http://www.vupen.com/english/advisories/2006/1608
https://exchange.xforce.ibmcloud.com/vulnerabilities/26218
https://www.exploit-db.com/exploits/1738

Products affected by CVE-2006-2156

X7 Group » X7 Chat » Version: 1.3.2b

cpe:2.3:a:x7_group:x7_chat:1.3.2b
X7 Group » X7 Chat » Version: 1.3.3b

cpe:2.3:a:x7_group:x7_chat:1.3.3b
X7 Group » X7 Chat » Version: 1.3.4b

cpe:2.3:a:x7_group:x7_chat:1.3.4b
X7 Group » X7 Chat » Version: 1.3.5b

cpe:2.3:a:x7_group:x7_chat:1.3.5b
X7 Group » X7 Chat » Version: 1.3.6

cpe:2.3:a:x7_group:x7_chat:1.3.6
X7 Group » X7 Chat » Version: 2.0

cpe:2.3:a:x7_group:x7_chat:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-2156

Products

Pricing

Contact Us