← Back

CVE-2006-1800

nvd nist
Published: Apr 18, 2006Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via ".." sequences in the language cookie, as demonstrated by by injecting the code into the gl_session cookie of users.php, which is stored in error.log.

Affected (3)

Simplemedia
1 product
Simplebbs
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Simplemedia
Simplebbs
Version 1.0.6
Simplebbs
Version 1.0.7
Simplebbs
Version 1.1

References (10)

Source: cve@mitre.org
Exploit
Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.