Unrated severityNVD Advisory· Published Apr 15, 2015· Updated May 6, 2026
CVE-2015-0906
CVE-2015-0906
Description
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
Affected products
6cpe:2.3:a:lhaplus:lhaplus:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:lhaplus:lhaplus:*:*:*:*:*:*:*:*range: <=1.59
- cpe:2.3:a:lhaplus:lhaplus:1.52:*:*:*:*:*:*:*
- cpe:2.3:a:lhaplus:lhaplus:1.53:*:*:*:*:*:*:*
- cpe:2.3:a:lhaplus:lhaplus:1.55:*:*:*:*:*:*:*
- cpe:2.3:a:lhaplus:lhaplus:1.56:*:*:*:*:*:*:*
- cpe:2.3:a:lhaplus:lhaplus:1.57:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- jvn.jp/en/jp/JVN02527990/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2015-000050nvdVendor Advisory
- jvn.jp/en/jp/JVN02527990/414318/index.htmlnvd
- www7a.biglobe.ne.jp/~schezo/nvd
News mentions
0No linked articles in our index yet.