CVE-2006-5898
published 2006-11-15CVE-2006-5898: Directory traversal vulnerability in localization/languages.lib.php3 in PhpMyChat 0.14.5 and earlier allows remote attackers to read arbitrary files via a .…
PriorityP424medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.55%
72.1th percentile
Directory traversal vulnerability in localization/languages.lib.php3 in PhpMyChat 0.14.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ChatPath parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpheaven | phpmychat | <= 0.14.5 | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-ch38-5gvh-4q25: Directory traversal vulnerability in localization/languages
ghsa_unreviewed·2022-05-01
CVE-2006-5898 [MEDIUM] GHSA-ch38-5gvh-4q25: Directory traversal vulnerability in localization/languages
Directory traversal vulnerability in localization/languages.lib.php3 in PhpMyChat 0.14.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ChatPath parameter.
Red Hat
php htmlentities/htmlspecialchars multibyte sequences
vendor_redhat·2007-11-08·CVSS 7.5
CVE-2007-5898 [HIGH] php htmlentities/htmlspecialchars multibyte sequences
php htmlentities/htmlspecialchars multibyte sequences
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://securityreason.com/securityalert/1852http://www.securityfocus.com/archive/1/450923/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/30121http://securityreason.com/securityalert/1852http://www.securityfocus.com/archive/1/450923/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/30121
2006-11-15
Published