CVE-2006-5618
published 2006-10-31CVE-2006-5618: Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the…
PriorityP428medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.85%
85.0th percentile
Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netref | netref | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Netref 4 ad_direct path traversal (EDB-2677 / XFDB-29889)
vuldb·2026-04-25·CVSS 5.0
CVE-2006-5618 [MEDIUM] Netref 4 ad_direct path traversal (EDB-2677 / XFDB-29889)
A vulnerability described as problematic has been identified in Netref 4. Impacted is an unknown function. Such manipulation of the argument ad_direct leads to path traversal.
This vulnerability is listed as CVE-2006-5618. The attack may be performed from remote. In addition, an exploit is available.
GHSA
GHSA-h535-529j-j392: Directory traversal vulnerability in script/cat_for_aff
ghsa_unreviewed·2022-05-01
CVE-2006-5618 [MEDIUM] GHSA-h535-529j-j392: Directory traversal vulnerability in script/cat_for_aff
Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/22610http://www.securityfocus.com/bid/20789http://www.vupen.com/english/advisories/2006/4259https://exchange.xforce.ibmcloud.com/vulnerabilities/29889https://www.exploit-db.com/exploits/2677http://secunia.com/advisories/22610http://www.securityfocus.com/bid/20789http://www.vupen.com/english/advisories/2006/4259https://exchange.xforce.ibmcloud.com/vulnerabilities/29889https://www.exploit-db.com/exploits/2677
2006-10-31
Published