Vulnerabilities > CVE-2006-6033 - Unspecified vulnerability in Sphpblog 0.4.8
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple directory traversal vulnerabilities in Simple PHP Blog (SPHPBlog), probably 0.4.8, allow remote attackers to read arbitrary files and possibly include arbitrary PHP code via a .. (dot dot) sequence in the blog_theme parameter in (1) index.php, (2) add_cgi.php, (3) add_link.php, (4) login.php, (5) template.php, or (6) contact.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://securityreason.com/securityalert/1892
- http://securityreason.com/securityalert/1892
- http://www.securityfocus.com/archive/1/451954/100/0/threaded
- http://www.securityfocus.com/archive/1/451954/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30383
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30383