VYPR
Unrated severityNVD Advisory· Published Dec 14, 2006· Updated Jun 16, 2026

CVE-2006-6514

CVE-2006-6514

Description

Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root directory is a substring of the name of the target directory, as demonstrated by accessing C:\folder2 when the root directory is C:\folder.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:flippet.org:winamp_web_interface:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:flippet.org:winamp_web_interface:*:*:*:*:*:*:*:*range: <=7.5.13
    • (no CPE)range: <=7.5.13

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.