CVE-2006-6604

TorrentFlux 2.2 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.

Exploits (1)

exploitdb WORKING POC VERIFIED

by r0ut3r · perlwebappsphp

https://www.exploit-db.com/exploits/2902

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/30831

[Third Party Advisory] http://secunia.com/advisories/23270

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/21525

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2902

Scores

EPSS 0.0654

EPSS Percentile 91.2%

Details

Status published

Products (1)

torrentflux/torrentflux 2.2

Published Dec 15, 2006

Tracked Since Feb 18, 2026