CVE-2006-0434

Name of the Vulnerable Software and Affected Versions phpXplorer (affected versions not specified)

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using ".." (dot dot) sequences and null bytes in the sAction parameter of the action.php file. If phpXplorer supports the upload of PHP files, this issue would not be considered a vulnerability as it would not cross privilege boundaries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.