1. CVE-Search
  2. CVE-2006-6814
ID CVE-2006-6814
Summary Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:hosting_controller:hosting_controller:7c:*:*:*:*:*:*:*
    cpe:2.3:a:hosting_controller:hosting_controller:7c:*:*:*:*:*:*:*
CVSS
Base: 6.3 (as of 08-03-2011 - 02:47)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE NONE
cvss-vector via4 AV:N/AC:M/Au:S/C:C/I:N/A:N
refmap via4
bid 21786
misc http://www.kapda.ir/advisory-458.html
sectrack 1017447
secunia 23585
vupen ADV-2007-0023
Last major update 08-03-2011 - 02:47
Published 29-12-2006 - 11:28
Last modified 08-03-2011 - 02:47
Back to Top