Vulnerabilities > CVE-2006-7035 - Denial-Of-Service vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

low complexity

super-link-exchange-script

NVD

Published: 2007-02-23

Updated: 2018-10-16

Summary

Directory traversal vulnerability in make_thumbnail.php in Super Link Exchange Script 1.0 allows remote attackers to read arbitrary files via ".." sequences in the imgpath parameter.

Vulnerable Configurations

Part	Description	Count
Application	Super_Link_Exchange_Script Super Link Exchange Script Super Link Exchange Script 1.0	1

References

http://securityreason.com/securityalert/2285
http://www.securityfocus.com/archive/1/435166/30/4680/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26722