PT-2006-3859 · Npds · Net Portal Dynamic System

Darkfig · Published 2006-06-12 · Updated 2018-10-18 · CVE-2006-2952

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Net Portal Dynamic System (NPDS) versions 5.10 and earlier

Description

A directory traversal issue allows remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) sequence and a trailing null (%00) byte in the Default Theme parameter to "header.php" or the ModPath parameter to "modules/cluster-paradise/cluster-E.php".

Recommendations

For Net Portal Dynamic System (NPDS) versions 5.10 and earlier, consider restricting access to the header.php and modules/cluster-paradise/cluster-E.php files until a patch is available. As a temporary workaround, avoid using the Default Theme and ModPath parameters in the affected API endpoints.

Related Identifiers

CVE-2006-2952

Affected Products

Net Portal Dynamic System