CVE-2006-5031

Source
https://nvd.nist.gov/vuln/detail/CVE-2006-5031
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2006-5031.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2006-5031
Aliases
Downstream
Published
2006-09-27T23:07:00Z
Modified
2025-04-09T00:30:58Z
Summary
[none]
Details

Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename.

References

Affected packages