CVE-2006-0701
imagevue 16.1 - Directory Listing via readfolder.php Path and Ext Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-0701. PoCs published by zjieb.
AI-analyzed exploit summary The provided text describes multiple vulnerabilities in ImageVue, including unauthorized file uploads, authentication bypass, and content injection. It references a URL parameter manipulation but lacks executable exploit code.
Description
readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by zjieb · textwebappsphp
https://www.exploit-db.com/exploits/27198
The provided text describes multiple vulnerabilities in ImageVue, including unauthorized file uploads, authentication bypass, and content injection. It references a URL parameter manipulation but lacks executable exploit code.
Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:
ImageVue (version unspecified)
No auth needed
Prerequisites:
Access to the target web application
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0570
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/424745/30/0/threaded
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18802
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16594
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24641
Scores
EPSS
0.0768
EPSS Percentile
93.8%
Details
Status
published
Products (1)
imagevue/imagevue
0.16.1
Published
Feb 15, 2006
Tracked Since
Feb 18, 2026