CVE-2006-5846

MEDIUM

6.4

CVSS Severity Score

EPSS Score0.1180%

EPSS Percentile17.61th

PublishedNov 10, 2006

Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773.

Affected Platforms (CPE)

📦

Freewebshop

<= 2.2.2

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=116303405916694&w=2

🔗 http://secunia.com/advisories/22786

🔗 http://securitytracker.com/id?1017200

🔗 http://www.freewebshop.org/?id=28

🔗 http://www.freewebshop.org/index.php?id=28

🔗 http://www.securityfocus.com/bid/20969

🔗 http://www.vupen.com/english/advisories/2006/4420

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30125

Vulnerability Description

Affected Platforms (CPE)

Freewebshop

References & Advisories

Related Vulnerabilities