Vulnerabilities > CVE-2006-6569 - Input Validation vulnerability in Genesistrader 1.0

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

low complexity

genesistrader

exploit available

NVD

Published: 2006-12-15

Updated: 2018-10-17

Summary

form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter.

Vulnerable Configurations

Part	Description	Count
Application	Genesistrader Genesistrader Genesistrader 1.0	1

Exploit-Db

description	GenesisTrader 1.0 form.php Arbitrary File Source Disclosure. CVE-2006-6569. Webapps exploit for php platform
id	EDB-ID:29282
last seen	2016-02-03
modified	2006-12-14
published	2006-12-14
reporter	Mr_KaLiMaN
source	https://www.exploit-db.com/download/29282/
title	GenesisTrader 1.0 form.php Arbitrary File Source Disclosure

Summary

Vulnerable Configurations

Exploit-Db

References