CVE-2006-6328
published 2006-12-06CVE-2006-6328: Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the…
PriorityP430medium4.9CVSS 2.0
AVNACMAuSCNIPAP
EXPLOIT
EPSS
2.37%
81.7th percentile
Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| torrentflux | torrentflux | <= 2.2 | — |
| torrentflux | torrentflux | — | — |
| torrentflux | torrentflux-b4rt | <= 2.1_b4rt971 | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
| torrentflux | torrentflux-b4rt | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-46px-8w8f-h8g6: Directory traversal vulnerability in downloaddetails
ghsa_unreviewed·2022-05-01·CVSS 4.9
CVE-2006-6604 [MEDIUM] GHSA-46px-8w8f-h8g6: Directory traversal vulnerability in downloaddetails
Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.
GHSA
GHSA-5xc7-wggh-4p96: Directory traversal vulnerability in viewnfo
ghsa_unreviewed·2022-05-01·CVSS 4.9
CVE-2006-6598 [MEDIUM] GHSA-5xc7-wggh-4p96: Directory traversal vulnerability in viewnfo
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
GHSA
GHSA-2qj5-w89p-292r: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-01
CVE-2006-6328 [MEDIUM] GHSA-2qj5-w89p-292r: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter.
No detection rules found.
No writeups or analysis indexed.
2006-12-06
Published