Unrated severityNVD Advisory· Published May 22, 2006· Updated Jun 16, 2026
CVE-2006-2519
CVE-2006-2519
Description
Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote attackers to include arbitrary local files via .. (dot dot) sequences in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in SPAW Editor PHP Edition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- www.kapda.ir/advisory-331.htmlnvdExploitVendor Advisory
- secunia.com/advisories/20239nvd
- securityreason.com/securityalert/939nvd
- www.osvdb.org/25756nvd
- www.securityfocus.com/archive/1/434706/100/0/threadednvd
- www.securityfocus.com/bid/18062nvd
- www.vupen.com/english/advisories/2006/1934nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26639nvd
News mentions
0No linked articles in our index yet.