CVE-2006-2156

Published: May 3, 2006Modified: Apr 16, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. (dot dot) sequences in the help_file parameter.

Affected (6)

Products: X7 Group: X7 Chat

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
X7 Group X7 Chat	Version 1.3.2b
X7 Group X7 Chat	Version 1.3.3b
X7 Group X7 Chat	Version 1.3.4b
X7 Group X7 Chat	Version 1.3.5b
X7 Group X7 Chat	Version 1.3.6
X7 Group X7 Chat	Version 2.0

References (16)

http://secunia.com/advisories/19886

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/829

Source: cve@mitre.org

http://www.osvdb.org/25149

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/432716/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/17777

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/1608

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/26218

Source: cve@mitre.org

https://www.exploit-db.com/exploits/1738

Source: cve@mitre.org

http://secunia.com/advisories/19886

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/829

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/25149

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/432716/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/17777

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2006/1608

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/26218

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/1738

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.