Vulnerabilities > CVE-2006-4753 - Unspecified vulnerability in Comscripts PHProg 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN comscripts
exploit available
Summary
Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | PHProg 1.0 index.php lang Parameter Traversal Arbitrary File Access. CVE-2006-4753 . Webapps exploit for php platform |
| id | EDB-ID:28511 |
| last seen | 2016-02-03 |
| modified | 2006-09-11 |
| published | 2006-09-11 |
| reporter | cdg393 |
| source | https://www.exploit-db.com/download/28511/ |
| title | PHProg 1.0 index.php lang Parameter Traversal Arbitrary File Access |
References
- http://www.pconfig.com/cdg393/adviso/PHProg.txt
- http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html
- http://www.securityfocus.com/bid/19957
- http://secunia.com/advisories/21849
- http://marc.info/?l=full-disclosure&m=115796646100433&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28847