CVE-2006-5510
published 2006-10-25CVE-2006-5510: Directory traversal vulnerability in explorer_load_lang.php in PH Pexplorer 0.24 allows remote attackers to include arbitrary local files via ".." sequences in…
PriorityP432medium6.4CVSS 2.0
AVNACLAuNCPIPAN
EXPLOIT
EPSS
2.91%
85.3th percentile
Directory traversal vulnerability in explorer_load_lang.php in PH Pexplorer 0.24 allows remote attackers to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bluevirus-design | ph_pexplorer | <= 0.24 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/22504http://www.osvdb.org/29899http://www.rahim.webd.pl/exploity/Exploits/104.txthttp://www.securityfocus.com/bid/20665http://www.vupen.com/english/advisories/2006/4128https://exchange.xforce.ibmcloud.com/vulnerabilities/29714https://www.exploit-db.com/exploits/2598http://secunia.com/advisories/22504http://www.osvdb.org/29899http://www.rahim.webd.pl/exploity/Exploits/104.txthttp://www.securityfocus.com/bid/20665http://www.vupen.com/english/advisories/2006/4128https://exchange.xforce.ibmcloud.com/vulnerabilities/29714https://www.exploit-db.com/exploits/2598
2006-10-25
Published