CVE-2006-6814

Hosting Controller 7c - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by KAPDA · textwebappsasp
https://www.exploit-db.com/exploits/29357

References (5)

Core 5
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0023
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017447
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21786
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23585
Exploit, Vendor Advisory x_refsource_misc
http://www.kapda.ir/advisory-458.html

Scores

EPSS 0.0059
EPSS Percentile 69.5%

Details

Status published
Products (1)
hosting_controller/hosting_controller 7c
Published Dec 29, 2006
Tracked Since Feb 18, 2026