cbcvebase.
CVE-2006-2633
published 2006-05-30

CVE-2006-2633: Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or…

PriorityP415medium4CVSS 2.0
AVNACLAuSCNIPAN
EPSS
1.27%
66.2th percentile
Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter.

Affected

12 ranges
VendorProductVersion rangeFixed in
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
andrew_godwinbytehoard
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.