Vulnerabilities > CVE-2006-1762 - Unspecified vulnerability in Blursoft Blur6Ex 0.3.462

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

blursoft

NVD

Published: 2006-04-13

Updated: 2024-11-21

Summary

Directory traversal vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to include arbitrary files via the shard parameter. NOTE: this issue can be exploited to produce resultant XSS when the parameter has XSS manipulations, and path disclosure with other invalid values.

Vulnerable Configurations

Part	Description	Count
Application	Blursoft Blursoft Blur6Ex 0.3.462	1

References

http://www.attrition.org/pipermail/vim/2006-April/000691.html
http://www.attrition.org/pipermail/vim/2006-April/000691.html
http://www.securityfocus.com/archive/1/430607/100/0/threaded
http://www.securityfocus.com/archive/1/430607/100/0/threaded
http://www.securityfocus.com/archive/1/430885/100/0/threaded
http://www.securityfocus.com/archive/1/430885/100/0/threaded
http://www.securityfocus.com/archive/1/491565/100/0/threaded
http://www.securityfocus.com/archive/1/491565/100/0/threaded
http://www.securityfocus.com/bid/17465
http://www.securityfocus.com/bid/17465
https://exchange.xforce.ibmcloud.com/vulnerabilities/25758
https://exchange.xforce.ibmcloud.com/vulnerabilities/25758