Unrated severityNVD Advisory· Published Feb 7, 2006· Updated Jun 16, 2026
CVE-2006-0567
CVE-2006-0567
Description
Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory field on the Modify Config page is blank, allows remote attackers to access files outside of the web root via ".." (dot dot) sequences.
Affected products
3cpe:2.3:a:curtis_farnham:files_xaraya_module:0.3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:curtis_farnham:files_xaraya_module:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:curtis_farnham:files_xaraya_module:0.4.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.