Vulnerabilities > CVE-2006-2280 - Unspecified vulnerability in Openengine 1.7.1/1.8Beta2

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
openengine
exploit available
NVD
Published: 2006-05-10
Updated: 2018-10-18

Summary

Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the template parameter.

Vulnerable Configurations

Part Description Count
Application
Openengine
2

Exploit-Db

descriptionOpenEngine 1.7/1.8 Template Unauthorized Access Vulnerability. CVE-2006-2280 . Webapps exploit for php platform
idEDB-ID:27823
last seen2016-02-03
modified2006-05-08
published2006-05-08
reporter[email protected]
sourcehttps://www.exploit-db.com/download/27823/
titleOpenEngine 1.7/1.8 Template Unauthorized Access Vulnerability

References