Moderate severityNVD Advisory· Published Jul 6, 2006· Updated Jun 16, 2026
CVE-2006-3360
CVE-2006-3360
Description
Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
phpsysinfo/phpsysinfoPackagist | < 3.2.5 | 3.2.5 |
Affected products
2Patches
Vulnerability mechanics
References
13- archives.neohapsis.com/archives/fulldisclosure/2006-07/0065.htmlnvdBroken LinkExploit
- archives.neohapsis.com/archives/fulldisclosure/2006-07/0066.htmlnvdBroken LinkExploit
- secunia.com/advisories/20939nvdBroken LinkVendor Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/18868nvdBroken LinkThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2006/2668nvdBroken LinkPermissions RequiredThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/27527nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-2wxv-3g4v-p76pnvdThird Party AdvisoryADVISORY
- github.com/phpsysinfo/phpsysinfo/issues/368nvdIssue TrackingThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2006-3360ghsaADVISORY
- www.osvdb.org/27015nvdBroken Link
- github.com/phpsysinfo/phpsysinfo/commit/60b5bbb5d1cc17f44050e99a3e746f55a4fd4e18ghsaWEB
- github.com/phpsysinfo/phpsysinfo/issues/107ghsaWEB
News mentions
0No linked articles in our index yet.