Vulnerabilities > CVE-2006-1162 - Input Validation vulnerability in Nodez 4.6.1.1
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Nodez <= 4.6.1.1 Mercury Multiple Remote Vulnerabilities. CVE-2006-1162,CVE-2006-1164. Webapps exploit for php platform |
id | EDB-ID:1588 |
last seen | 2016-01-31 |
modified | 2006-03-18 |
published | 2006-03-18 |
reporter | rgod |
source | https://www.exploit-db.com/download/1588/ |
title | nodez <= 4.6.1.1 mercury Multiple Vulnerabilities |