Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-6814. PoCs published by KAPDA.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in Hosting Controller 7C, allowing attackers to access arbitrary files by manipulating the 'BrowsePath' parameter. The provided URL demonstrates traversal to 'program files' via path manipulation.
Description
Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.
Exploits (1)
The exploit describes a directory traversal vulnerability in Hosting Controller 7C, allowing attackers to access arbitrary files by manipulating the 'BrowsePath' parameter. The provided URL demonstrates traversal to 'program files' via path manipulation.