Vulnerabilities > CVE-2006-3194 - Unspecified vulnerability in Singapore

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

singapore

exploit available

NVD

Published: 2006-06-23

Updated: 2024-11-21

Summary

Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter.

Vulnerable Configurations

Part	Description	Count
Application	Singapore Singapore Singapore 0.9.3_Beta Singapore Singapore 0.9.1_Beta Singapore Singapore 0.9.10_Beta Singapore Singapore 0.9.9B_Beta Singapore Singapore 0.9.6_Beta Singapore Singapore 0.9.9A_Beta Singapore Singapore 0.9.4_Beta Singapore Singapore 0.9.7 Singapore Singapore 0.9A_Beta Singapore Singapore 0.9.7_Beta Singapore Singapore 0.9_Beta Singapore Singapore 0.10.0 Singapore Singapore 0.9.10 Singapore Singapore 0.9.5_Beta Singapore Singapore 0.9.8_Beta Singapore Singapore 0.9.2_Beta Singapore Singapore 0.9.11_Beta	17

Exploit-Db

description	singapore 0.9.x/0.10 Multiple Parameter Traversal Arbitrary File Access. CVE-2006-3194. Webapps exploit for php platform
id	EDB-ID:28066
last seen	2016-02-03
modified	2006-06-19
published	2006-06-19
reporter	simo64
source	https://www.exploit-db.com/download/28066/
title	singapore 0.9.x/0.10 - Multiple Parameter Traversal Arbitrary File Access

Summary

Vulnerable Configurations

Exploit-Db

References