Vulnerabilities > CVE-2006-5617 - Information Disclosure vulnerability in Thepeak File Upload Manager 1.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in index.php in Thepeak File Upload Manager 1.3 allows remote attackers to read or download arbitrary files via a base64-encoded file path containing a .. (dot dot) sequence in the file parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |