CVE-2006-4418

Published: Aug 28, 2006Modified: Apr 16, 2026

4.0

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:N

Exploitability: 4.9 / Impact: 4.9

Source: NVD

Description

Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.

Affected (2)

Products: Wikepage: Wikepage

Wikepage

1 product

Wikepage

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Wikepage Wikepage	Version 2006.2
Wikepage Wikepage	Version 2006.2a

References (12)

http://secunia.com/advisories/21542

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/28177

Source: cve@mitre.org

http://www.securityfocus.com/bid/19694

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/3386

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28555

Source: cve@mitre.org

https://www.exploit-db.com/exploits/2252

Source: cve@mitre.org

http://secunia.com/advisories/21542