CVE-2006-5733 in PostNukeinformação

Sumário

de MITRE

Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

06/11/2006

Divulgação

06/11/2006

Moderação

aceite

Entrada

VDB-33126

CPE

pronto

Exploração

Descarregar

EPSS

0.02979

KEV

não

Atividades

muito baixo

Fontes

Interested in the pricing of exploits?

See the underground prices here!