CVE-2006-4418
published 2006-08-28CVE-2006-4418: Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as…
PriorityP424medium4CVSS 2.0
AVNACHAuNCPIPAN
EXPLOIT
EPSS
2.61%
83.5th percentile
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wikepage | opus | — | — |
| wikepage | wikepage | — | — |
| wikepage | wikepage | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vmqv-639r-75pj: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 4.0
CVE-2008-1884 [MEDIUM] CWE-22 GHSA-vmqv-639r-75pj: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to read arbitrary files via directory traversal sequences in the wiki parameter, a different vector than CVE-2006-4418.
GHSA
GHSA-2jrp-jfq7-v896: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-01
CVE-2006-4418 [MEDIUM] GHSA-2jrp-jfq7-v896: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/21542http://www.osvdb.org/28177http://www.securityfocus.com/bid/19694http://www.vupen.com/english/advisories/2006/3386https://exchange.xforce.ibmcloud.com/vulnerabilities/28555https://www.exploit-db.com/exploits/2252http://secunia.com/advisories/21542http://www.osvdb.org/28177http://www.securityfocus.com/bid/19694http://www.vupen.com/english/advisories/2006/3386https://exchange.xforce.ibmcloud.com/vulnerabilities/28555https://www.exploit-db.com/exploits/2252
2006-08-28
Published