CVE-2006-0132

Description

Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 and possibly earlier allows remote attackers to include and execute arbitrary local PHP scripts, and possibly read other types of files, via a .. (dot dot) and a trailing null in the webftp_language parameter.

CVSS Version 2.0

nvd
CVE ID: CVE-2006-0132
Base Score: 5.0
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:N/C:N/I:P/A:N

Refrence: NVD

Description​

Description