{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2006-3360","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2024-08-07T18:23:21.270Z","dateReserved":"2006-07-06T00:00:00.000Z","datePublished":"2006-07-06T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2023-01-18T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"name":"1016440","tags":["vdb-entry"],"url":"http://securitytracker.com/id?1016440"},{"name":"phpsysinfo-lng-information-disclosure(27527)","tags":["vdb-entry"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27527"},{"name":"ADV-2006-2668","tags":["vdb-entry"],"url":"http://www.vupen.com/english/advisories/2006/2668"},{"name":"27015","tags":["vdb-entry"],"url":"http://www.osvdb.org/27015"},{"name":"20939","tags":["third-party-advisory"],"url":"http://secunia.com/advisories/20939"},{"name":"20060705 Re: phpSysInfo arbitrary file identification","tags":["mailing-list"],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0066.html"},{"name":"18868","tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/18868"},{"name":"20060705 phpSysInfo arbitrary file identification","tags":["mailing-list"],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0065.html"},{"url":"https://github.com/advisories/GHSA-2wxv-3g4v-p76p"},{"url":"https://github.com/phpsysinfo/phpsysinfo/issues/368#issuecomment-1380842745"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}],"datePublic":"2006-07-05T00:00:00.000Z"},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T18:23:21.270Z"},"title":"CVE Program Container","references":[{"name":"1016440","tags":["vdb-entry","x_transferred"],"url":"http://securitytracker.com/id?1016440"},{"name":"phpsysinfo-lng-information-disclosure(27527)","tags":["vdb-entry","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27527"},{"name":"ADV-2006-2668","tags":["vdb-entry","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/2668"},{"name":"27015","tags":["vdb-entry","x_transferred"],"url":"http://www.osvdb.org/27015"},{"name":"20939","tags":["third-party-advisory","x_transferred"],"url":"http://secunia.com/advisories/20939"},{"name":"20060705 Re: phpSysInfo arbitrary file identification","tags":["mailing-list","x_transferred"],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0066.html"},{"name":"18868","tags":["vdb-entry","x_transferred"],"url":"http://www.securityfocus.com/bid/18868"},{"name":"20060705 phpSysInfo arbitrary file identification","tags":["mailing-list","x_transferred"],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0065.html"},{"url":"https://github.com/advisories/GHSA-2wxv-3g4v-p76p","tags":["x_transferred"]},{"url":"https://github.com/phpsysinfo/phpsysinfo/issues/368#issuecomment-1380842745","tags":["x_transferred"]}]}]}}