Vulnerabilities > CVE-2006-6604 - Unspecified vulnerability in Torrentflux 2.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN torrentflux
exploit available
Summary
Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit. CVE-2006-6598,CVE-2006-6604. Webapps exploit for php platform |
| file | exploits/php/webapps/2902.pl |
| id | EDB-ID:2902 |
| last seen | 2016-01-31 |
| modified | 2006-12-09 |
| platform | php |
| port | |
| published | 2006-12-09 |
| reporter | r0ut3r |
| source | https://www.exploit-db.com/download/2902/ |
| title | TorrentFlux 2.2 downloaddetails.php Local File Disclosure Exploit |
| type | webapps |
References
- http://secunia.com/advisories/23270
- http://secunia.com/advisories/23270
- http://www.securityfocus.com/bid/21525
- http://www.securityfocus.com/bid/21525
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30831
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30831
- https://www.exploit-db.com/exploits/2902
- https://www.exploit-db.com/exploits/2902