CVE-2006-5716

Name of the Vulnerable Software and Affected Versions: FreeNews version 2.1

Description: A directory traversal issue exists, allowing remote attackers to include local files. This is achieved by using a .. (dot dot) sequence in the chemin parameter when the aff news parameter is not set to "1".

Recommendations: For FreeNews version 2.1, as a temporary workaround, consider restricting access to the chemin parameter in the affected aff news.php file until a patch is available. Avoid using the chemin parameter with unvalidated input to minimize the risk of exploitation.