← Back

CVE-2006-6175

nvd nist
Published: Nov 30, 2006Modified: Apr 23, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter.

Affected (10)

Products: Horde: Kronolith
Horde
1 product
Kronolith
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Horde
Kronolith
Version 2.0.1
Kronolith
Version 2.0.2
Kronolith
Version 2.0.3
Kronolith
Version 2.0.4
Kronolith
Version 2.0.5
Kronolith
Version 2.0.6
Kronolith
Version 2.1.1
Kronolith
Version 2.1.2
Kronolith
Version 2.1.3
Kronolith
Version 2.1

References (18)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.