CVE-2006-6203

Flyspray ME 1.0.1 - Directory Traversal via File Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6203. PoCs published by 3l3ctric-Cracker.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in the 'startdown.php' file of the com_flyspray Joomla component, allowing unauthorized file disclosure. The vulnerability arises from unsanitized user input in the 'file' parameter, enabling attackers to read arbitrary files on the server.

Description

Directory traversal vulnerability in startdown.php in the Flyspray ME 1.0.1 (com_flyspray) component for Mambo allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by 3l3ctric-Cracker · textwebappsphp

https://www.exploit-db.com/exploits/2852

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in the 'startdown.php' file of the com_flyspray Joomla component, allowing unauthorized file disclosure. The vulnerability arises from unsanitized user input in the 'file' parameter, enabling attackers to read arbitrary files on the server.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: com_flyspray 1.0.1

No auth needed

Prerequisites: Joomla installation with com_flyspray component version 1.0.1

MITRE ATT&CK