Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0434


Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0434
Last Modified 03 Jan 2013 12:00:00
Published 26 Jan 2006 06:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability.

Vulnerable Systems


  • Phpxplorer -


BUGTRAQ - 20060118 phpXplorer file inclusion

XF - phpxplorer-sshare-directory-traversal(39982)

BID - 16292

Last Updated: 27 May 2016 10:51:49