CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-5437

Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the phpAds_config[language] parameter. NOTE: this issue could not be reproduced by a third party

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.9%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.securityfocus.com/archive/1/448994/100/0/threaded
http://www.securityfocus.com/archive/1/449084/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/29640
http://www.securityfocus.com/archive/1/448994/100/0/threaded
http://www.securityfocus.com/archive/1/449084/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/29640

Products affected by CVE-2006-5437

Phpadsnew » Phpadsnew » Version: 2.0.8

cpe:2.3:a:phpadsnew:phpadsnew:2.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-5437

Products

Pricing

Contact Us