CVE-2006-1346
Published 2006-03-22
CVE-2006-1346: Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local…
Priority P3 · 37 · medium · 6.4 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:N
EXPLOIT
EPSS 7.25% (93.6th percentile)
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| greg_neustaetter | gcards | <= 1.45 | — |
| greg_neustaetter | gcards | — | — |
| greg_neustaetter | gcards | — | — |
GHSA
GHSA-g22h-h5x3-hwcq: Cross-site scripting (XSS) vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 6.4
CVE-2006-1348 [MEDIUM] GHSA-g22h-h5x3-hwcq: Cross-site scripting (XSS) vulnerability in index
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.
GHSA
GHSA-p2c5-vvpj-4jv2: Directory traversal vulnerability in inc/setLang
ghsa_unreviewed·2022-05-01
CVE-2006-1346 [MEDIUM] GHSA-p2c5-vvpj-4jv2: Directory traversal vulnerability in inc/setLang
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
No detection rules found.
No writeups or analysis indexed.
http://attrition.org/pipermail/vim/2006-April/000698.html
http://secunia.com/advisories/19322
http://www.osvdb.org/24016
http://www.securityfocus.com/bid/17165
http://www.vupen.com/english/advisories/2006/1015
https://www.exploit-db.com/exploits/1595
Published: 2006-03-22