Directory Traversal Vulnerabilities in Loudblog by Loudblog
CVE-2006-1114

Currently unrated

Key Information:

Vendor: Gerrit Van Aaken
Status: Loudblog
Vendor: CVE Published:; 9 March 2006

🔔 Create Gerrit Van Aaken Vulnerability Alert

What is CVE-2006-1114?

Multiple directory traversal vulnerabilities exist in Loudblog prior to version 0.42, enabling remote attackers to exploit the application by accessing arbitrary files. This can occur through manipulation of the template and page parameters in index.php, as well as the language parameter in inc/backend_settings.php, utilizing the .. (dot dot) sequence and a trailing %00 (NULL) byte. This exposure can lead to unauthorized information disclosure and exploitation of the system.

References

http://loudblog.de/forum/viewtopic.php?id=590

x_refsource_CONFIRM

http://www.securityfocus.com/bid/17023

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/426973/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2006
Vulnerability Reserved
Mar 9, 2006

CVE-2006-1114 Data

JSON