CVE

Id
16348  
CVE No.
CVE-2006-0244  
Status
Candidate  
Description
** DISPUTED ** Directory traversal vulnerability in workspaces.php in phpXplorer 0.9.33 allows remote attackers to include arbitrary files via a .. (dot dot) and trailing null byte (%00) in the sShare parameter. NOTE: a followup post claims that this is not a vulnerability since the functionality of phpXplorer supports the upload of PHP files, which would not cross privilege boundaries since the PHP functionality would support read access outside the web root.  
Phase
Assigned (20060118)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
130128 16348 CVE-2006-0244 BUGTRAQ:20060116 Directory traversal in phpXplorer  View
130129 16348 CVE-2006-0244 URL:http://www.securityfocus.com/archive/1/archive/1/421997/100/0/threaded  View
130130 16348 CVE-2006-0244 BUGTRAQ:20060116 Re: Directory traversal in phpXplorer  View
130131 16348 CVE-2006-0244 URL:http://www.securityfocus.com/archive/1/archive/1/422158/100/0/threaded  View
130132 16348 CVE-2006-0244 MISC:http://www.arrelnet.com/advisories/adv20060116.html  View
130133 16348 CVE-2006-0244 BID:16263  View
130134 16348 CVE-2006-0244 URL:http://www.securityfocus.com/bid/16263  View
130135 16348 CVE-2006-0244 VUPEN:ADV-2006-0232  View
130136 16348 CVE-2006-0244 URL:http://www.vupen.com/english/advisories/2006/0232  View
130137 16348 CVE-2006-0244 SECUNIA:18518  View
130138 16348 CVE-2006-0244 URL:http://secunia.com/advisories/18518  View
130139 16348 CVE-2006-0244 SREASON:353  View
130140 16348 CVE-2006-0244 URL:http://securityreason.com/securityalert/353  View
130141 16348 CVE-2006-0244 XF:phpxplorer-sshare-directory-traversal(39982)  View

Related JVN