Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0132


Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0132
Last Modified 07 Mar 2011 09:29:22
Published 09 Jan 2006 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 and possibly earlier allows remote attackers to include and execute arbitrary local PHP scripts, and possibly read other types of files, via a .. (dot dot) and a trailing null in the webftp_language parameter.

Vulnerable Systems


  • Webftp 1.2.6


SECUNIA - 18355

VUPEN - ADV-2006-0090

BID - 16175

BUGTRAQ - 20060104 SysCP WebFTP local file inclusion vulnerability

XF - webftp-language-file-include(24018)

Last Updated: 27 May 2016 10:41:32