Vulnerabilities > CVE-2006-6384 - Directory Traversal vulnerability in Abitwhizzy

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

low complexity

john-goodman

NVD

Published: 2006-12-07

Updated: 2008-09-05

Summary

Absolute path traversal vulnerability in abitwhizzy.php before 20061204 allows remote attackers to read arbitrary files via an absolute pathname in the Filename text window (f parameter), a variant of CVE-2006-6084.

Vulnerable Configurations

Part	Description	Count
Application	John_Goodman John Goodman Abitwhizzy *	1

References

http://www.unverse.net/abitwhizzy-forum/0611251408/