CVE-2006-1162

CVE-2006-1162 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.

Learn more about our Web Application Penetration Testing UK.