CVE-2006-2758

jetty 6.0.x beta16 - Path Traversal via Encoded URL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2758. PoCs published by LiquidWorm.

AI-analyzed exploit summary: the tracked writeup targets Promise WebPAM v2.2.0.13 rather than Jetty directly. It details multiple vulnerabilities in that product, including SQL injection via the 'entSortOrder' and 'entSort' parameters, XSS via 'startTime' and 'endTime', HTTP response splitting via 'userID', and source code disclosure via path manipulation. Of these, only the source code disclosure via path manipulation corresponds to the CWE-22 traversal this CVE describes; the injection and response-splitting findings are separate issues. The writeup provides specific exploit URLs but no functional exploit code.

Description

Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c in the URL. Note that %5c decodes to a backslash, so the payload is a URL-encoded "..\" (a backslash-separated parent-directory reference), not "../" as the original advisory text states; a check that only looks for a literal "../" in the undecoded request path does not catch it. NOTE: this might be the same issue as CVE-2005-3747.
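The two checks below are an added illustration for this entry, not Jetty's own code. The first mimics the bypassable pattern the description implies (a literal "../" search on the raw path); the second percent-decodes until the string is stable, treats backslash as a separator, resolves "." and ".." segment by segment, and refuses any path that climbs above the document root or carries an embedded NUL. The document root, the request paths and the function names are constructed for the example.

```python
from urllib.parse import unquote


def naive_is_safe(raw_path: str) -> bool:
    """Bypassable check: looks for a literal '../' in the undecoded request
    path. It never sees '%2e%2e%5c' (encoded '..\\') as a traversal."""
    return "../" not in raw_path


def canonicalize(raw_path: str, max_rounds: int = 3) -> str:
    """Return the normalised absolute request path, or raise ValueError.

    - percent-decode repeatedly until the string stops changing, so a
      double-encoded '%252e' is reduced to '.'; give up after max_rounds
    - reject an embedded NUL byte (path-extension tricks)
    - map backslash to forward slash so '..\\' and '../' are handled alike
    - resolve '.' and '..' per segment, refusing to pop past the root
    """
    decoded = raw_path
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    else:
        raise ValueError("too many percent-encoding layers")

    if "\x00" in decoded:
        raise ValueError("embedded NUL in path")

    decoded = decoded.replace("\\", "/")
    out: list[str] = []
    for seg in decoded.split("/"):
        if seg in ("", "."):
            continue            # empty from '//' or a leading '/', or '.'
        if seg == "..":
            if not out:
                raise ValueError("path escapes the document root")
            out.pop()
        else:
            out.append(seg)
    return "/" + "/".join(out)


def resolve_request(docroot: str, raw_path: str):
    """Filesystem path a hardened static handler would serve, or None if the
    request is rejected. docroot is a constructed example value."""
    try:
        canon = canonicalize(raw_path)
    except ValueError:
        return None
    return docroot.rstrip("/") + canon


if __name__ == "__main__":
    # Constructed sample requests, including the CVE's '%2e%2e%5c' pattern.
    samples = [
        "/%2e%2e%5c%2e%2e%5cetc/passwd",   # encoded '..\..\' (this CVE)
        "/%252e%252e/etc/passwd",          # double-encoded '../'
        "/a%00.jsp",                       # embedded NUL
        "/docs/../index.html",             # harmless '..' inside the root
        "/docs/./a//b.txt",                # '.' and '//' noise
    ]
    for req in samples:
        print(f"{req:36} naive_safe={naive_is_safe(req)!s:5} "
              f"served={resolve_request('/var/www', req)}")
```

Run it and the first sample shows the gap: `naive_is_safe` returns True for the encoded `..\` payload while `resolve_request` refuses it. Decoding in a loop rather than once is what closes the double-encoding variant, and doing the separator mapping after decoding is what makes the backslash form equivalent to the slash form.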

Exploits (1)

exploit-db writeup
by LiquidWorm · text · webapps · php
https://www.exploit-db.com/exploits/18571


Classification
Writeup 95%
Attack Type
SQLi | XSS | Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Promise WebPAM v2.2.0.13
No auth needed
Prerequisites: Network access to the target application · Web browser or tool to send crafted HTTP requests
Analyzed by devstral-2 on Feb 18, 2026

References (1)

Core References
securitytracker (vdb-entry, exploit): http://securitytracker.com/id?1016168

Scores

EPSS score 0.0157 (82.0th percentile)

Details

CWE
CWE-22
Status published
Products (2)
jetty/jetty 6.0
org.mortbay.jetty/jetty (Maven)
Published Jun 02, 2006
Tracked Since Feb 18, 2026