Vulnerabilities > CVE-2006-6877 - Directory Traversal vulnerability in 3Editor Cms
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in index.php in Matteo Lucarelli 3editor CMS 0.42 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | 3editor CMS <= 0.42 (index.php) Local File Include Vulnerability. CVE-2006-6877. Webapps exploit for php platform |
| file | exploits/php/webapps/2982.txt |
| id | EDB-ID:2982 |
| last seen | 2016-01-31 |
| modified | 2006-12-22 |
| platform | php |
| port | |
| published | 2006-12-22 |
| reporter | 3l3ctric-Cracker |
| source | https://www.exploit-db.com/download/2982/ |
| title | 3editor CMS <= 0.42 index.php Local File Include Vulnerability |
| type | webapps |