CVE-2006-5319

Foafgen 0.3 - Directory Traversal via foaf Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5319. PoCs published by DarkFig.

AI-analyzed exploit summary This is a writeup describing a file inclusion vulnerability in Foafgen v0.3, where the 'foaf' parameter in 'redir.php' is used unsafely with 'readfile()'. It provides examples of exploitation but does not include functional exploit code.

Description

Directory traversal vulnerability in redir.php in Foafgen 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the foaf parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by DarkFig · textwebappsphp

https://www.exploit-db.com/exploits/2506

View Code ZIP pw:eip

This is a writeup describing a file inclusion vulnerability in Foafgen v0.3, where the 'foaf' parameter in 'redir.php' is used unsafely with 'readfile()'. It provides examples of exploitation but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Foafgen v0.3

No auth needed

Prerequisites: access to the vulnerable 'redir.php' script

devstral-2 · analyzed Feb 16, 2026 Full analysis →