Vulnerabilities > CVE-2006-5528 - Input Validation vulnerability in Schoolalumni Portal Schoolalumni Portal 2.26

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
schoolalumni-portal
exploit available
NVD
Published: 2006-10-26
Updated: 2008-09-05

Summary

Directory traversal vulnerability in mod.php in SchoolAlumni Portal 2.26 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Configurations

Part Description Count
Application
Schoolalumni_Portal
1

Exploit-Db

descriptionSchoolAlumni Portal 2.26 mod.php mod Parameter Traversal Local File Inclusion. CVE-2006-5528. Webapps exploit for php platform
idEDB-ID:28840
last seen2016-02-03
modified2006-10-23
published2006-10-23
reporterMP
sourcehttps://www.exploit-db.com/download/28840/
titleSchoolAlumni Portal 2.26 mod.php mod Parameter Traversal Local File Inclusion

References