VYPR
Unrated severityNVD Advisory· Published Oct 5, 2006· Updated Jun 16, 2026

CVE-2006-5149

CVE-2006-5149

Description

Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php.

Affected products

7
  • cpe:2.3:a:openbiblio:openbiblio:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:openbiblio:openbiblio:*:*:*:*:*:*:*:*range: <=0.5.1
    • cpe:2.3:a:openbiblio:openbiblio:0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openbiblio:openbiblio:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openbiblio:openbiblio:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openbiblio:openbiblio:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openbiblio:openbiblio:0.5.0:*:*:*:*:*:*:*
    • (no CPE)range: <0.5.2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.