Vulnerability in Fusionphp Fusion_news
CVE-2006-3387
Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to ex…
EPSS: 0.020 (77.7th percentile) — read the EPSS interpretation.
Affected products
- Fusionphp Fusion_news — versions 1.0
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (exploit, x_refsource_EXPLOIT-DB)