CVE-2006-6872

Name of the Vulnerable Software and Affected Versions: eNdonesia version 8.4

Description: The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the mod.php file. This is achieved by using a .. (dot dot) in the mod parameter.

Recommendations: For eNdonesia version 8.4, consider restricting access to the mod.php file until a patch is available. As a temporary workaround, avoid using the mod parameter with .. (dot dot) sequences to minimize the risk of exploitation.