CVE-2006-3534

CVE-2006-3534 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal sequences before decoding, which allows remote attackers to read arbitrary files via encoded dot dot (%2E%2E) sequences in an HTTP GET request for a file path containing "/content".

Learn more about our Web Application Penetration Testing UK.