CVE-2006-1762

Name of the Vulnerable Software and Affected Versions blur6ex version 0.3.452

Description The issue is a directory traversal vulnerability in the index.php file, which allows remote attackers to include arbitrary files via the shard parameter. This can be exploited to produce resultant XSS when the parameter has XSS manipulations, and path disclosure with other invalid values.

Recommendations For blur6ex version 0.3.452, consider restricting access to the shard parameter in the index.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the shard parameter with potentially malicious input until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.