CVE-2006-5031

Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename.

Published: Sep 28, 2006
Updated: May 9, 2024
CVE: CVE-2006-5031
GHSA: GHSA-rw73-xmpv-j5x2
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
cakefoundation / cakephp	-	1.1.7.3363.x
cakephp / cakephp	1.0.1.2708	1.1.8.3544

http://cakeforge.org/frs/shownotes.php?release_id=134
http://secunia.com/advisories/22040
http://www.gulftech.org/?node=research&article_id=00114-09212006
http://www.securityfocus.com/bid/20150
https://exchange.xforce.ibmcloud.com/vulnerabilities/29115

Vulnerability Database

CVE-2006-5031