CVE-2006-1119

Published: Mar 9, 2006Modified: Apr 16, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.

Affected (1)

Products: Netenberg: Fantastico De Luxe

Netenberg

1 product

Fantastico De Luxe

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netenberg Fantastico De Luxe	All versions

Running on/with	Platform Versions
Cpanel Cpanel	All versions

Related CWEs

CWE-264

References (4)

http://www.securityfocus.com/archive/1/426957/100/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/25277

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/426957/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/25277

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.