CVE-2006-0660

FarsiNews 2.5 - Directory Traversal and Arbitrary File Read via Archive Parameter

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-0660. PoCs published by Hessam-x, Hamid Ebadi.

AI-analyzed exploit summary: This exploit leverages a path traversal vulnerability in FarsiNews 2.5Pro to read the contents of the users.db.php file, exposing usernames and MD5-hashed passwords. The exploit constructs a malicious URL with a null byte to bypass file extension checks and retrieve sensitive data.

Description

Multiple directory traversal vulnerabilities in FarsiNews 2.5 and earlier allow remote attackers to (1) read arbitrary files or trigger an error message path disclosure via ".." or invalid names in the archive parameter to index.php, or (2) include arbitrary files via the template parameter to show_archives.php.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Hessam-x · perl · webapps · php
https://www.exploit-db.com/exploits/1538

Classification: Working PoC (95%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: FarsiNews 2.5Pro
No auth needed
Prerequisites: Target URL and path to FarsiNews installation
devstral-2 · analyzed Feb 16, 2026

exploitdb WRITEUP VERIFIED
by Hamid Ebadi · text · webapps · php
https://www.exploit-db.com/exploits/27183

The exploit describes directory traversal and local file inclusion vulnerabilities in FarsiNews due to improper input sanitization. It allows attackers to retrieve arbitrary files or include local files, potentially leading to arbitrary code execution if malicious scripts are present.

Classification: Writeup (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Theoretical
Target: FarsiNews (version not specified)
No auth needed
Prerequisites: Access to the vulnerable FarsiNews application
devstral-2 · analyzed Feb 16, 2026

References (12)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24598
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0506
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24602
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/424720/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23020
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16580
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23021
Exploit, Vendor Advisory x_refsource_misc
http://www.hamid.ir/security/farsinews2-5.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23022
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18768

Scores

EPSS 0.0462
EPSS Percentile 90.5%

Details

Status published
Products (3)
farsinews/farsinews 2.1
farsinews/farsinews 2.1_beta2
farsinews/farsinews 2.5
Published Feb 13, 2006
Tracked Since Feb 18, 2026