CVE-2006-5773
published 2006-11-06CVE-2006-5773: Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation…
PriorityP434medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.69%
93.8th percentile
Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| freewebshop | freewebshop | <= 2.2.1 | — |
| freewebshop | freewebshop | <= 2.2.2 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4639-6cpq-frpg: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2006-5846 [MEDIUM] CWE-22 GHSA-4639-6cpq-frpg: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773.
GHSA
GHSA-6hg5-pj5g-p6fg: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-01
CVE-2006-5773 [MEDIUM] GHSA-6hg5-pj5g-p6fg: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/22664http://www.freewebshop.org/index.php?id=27http://www.securityfocus.com/bid/20888http://www.vupen.com/english/advisories/2006/4332https://exchange.xforce.ibmcloud.com/vulnerabilities/29991https://www.exploit-db.com/exploits/2704http://secunia.com/advisories/22664http://www.freewebshop.org/index.php?id=27http://www.securityfocus.com/bid/20888http://www.vupen.com/english/advisories/2006/4332https://exchange.xforce.ibmcloud.com/vulnerabilities/29991https://www.exploit-db.com/exploits/2704
2006-11-06
Published