admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2006/CVE-2006-6047.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

778 B
Raw Blame History

CVE-2006-6047

Description

Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.

POC

Reference

Github

No PoCs found on GitHub currently.