Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for phprog by comscripts
CVE-2006-4754 (GCVE-0-2006-4754)
Vulnerability from nvd – Published: 2006-09-13 22:00 – Updated: 2024-08-07 19:23
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.pconfig.com/cdg393/adviso/PHProg.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19957 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11579664610… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/21849 | third-party-advisoryx_refsource_SECUNIA |
| http://www.comscripts.com/scripts/php.phprog-albu… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "phprog-index-xss(28846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28846"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
},
{
"name": "phprog-index-path-disclosure(28845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "phprog-index-xss(28846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28846"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
},
{
"name": "phprog-index-path-disclosure(28845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.pconfig.com/cdg393/adviso/PHProg.txt",
"refsource": "MISC",
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "phprog-index-xss(28846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28846"
},
{
"name": "19957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21849"
},
{
"name": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html",
"refsource": "CONFIRM",
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
},
{
"name": "phprog-index-path-disclosure(28845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4754",
"datePublished": "2006-09-13T22:00:00.000Z",
"dateReserved": "2006-09-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4753 (GCVE-0-2006-4753)
Vulnerability from nvd – Published: 2006-09-13 22:00 – Updated: 2024-08-07 19:23
VLAI
EPSS
VEX
Summary
Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.pconfig.com/cdg393/adviso/PHProg.txt | x_refsource_MISC |
| http://www.securityfocus.com/bid/19957 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11579664610… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/21849 | third-party-advisoryx_refsource_SECUNIA |
| http://www.comscripts.com/scripts/php.phprog-albu… | x_refsource_CONFIRM |
Date Public
2006-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "phprog-index-file-include(28847)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "phprog-index-file-include(28847)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "phprog-index-file-include(28847)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
},
{
"name": "http://www.pconfig.com/cdg393/adviso/PHProg.txt",
"refsource": "MISC",
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "19957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21849"
},
{
"name": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html",
"refsource": "CONFIRM",
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4753",
"datePublished": "2006-09-13T22:00:00.000Z",
"dateReserved": "2006-09-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4754 (GCVE-0-2006-4754)
Vulnerability from cvelistv5 – Published: 2006-09-13 22:00 – Updated: 2024-08-07 19:23
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.pconfig.com/cdg393/adviso/PHProg.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19957 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11579664610… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/21849 | third-party-advisoryx_refsource_SECUNIA |
| http://www.comscripts.com/scripts/php.phprog-albu… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "phprog-index-xss(28846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28846"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
},
{
"name": "phprog-index-path-disclosure(28845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "phprog-index-xss(28846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28846"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
},
{
"name": "phprog-index-path-disclosure(28845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.pconfig.com/cdg393/adviso/PHProg.txt",
"refsource": "MISC",
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "phprog-index-xss(28846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28846"
},
{
"name": "19957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21849"
},
{
"name": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html",
"refsource": "CONFIRM",
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
},
{
"name": "phprog-index-path-disclosure(28845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4754",
"datePublished": "2006-09-13T22:00:00.000Z",
"dateReserved": "2006-09-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4753 (GCVE-0-2006-4753)
Vulnerability from cvelistv5 – Published: 2006-09-13 22:00 – Updated: 2024-08-07 19:23
VLAI
EPSS
VEX
Summary
Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.pconfig.com/cdg393/adviso/PHProg.txt | x_refsource_MISC |
| http://www.securityfocus.com/bid/19957 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11579664610… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/21849 | third-party-advisoryx_refsource_SECUNIA |
| http://www.comscripts.com/scripts/php.phprog-albu… | x_refsource_CONFIRM |
Date Public
2006-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "phprog-index-file-include(28847)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "phprog-index-file-include(28847)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "19957",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21849"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "phprog-index-file-include(28847)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28847"
},
{
"name": "http://www.pconfig.com/cdg393/adviso/PHProg.txt",
"refsource": "MISC",
"url": "http://www.pconfig.com/cdg393/adviso/PHProg.txt"
},
{
"name": "19957",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19957"
},
{
"name": "20060911 PHProg : Local File Inclusion + XSS + Full path",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115796646100433\u0026w=2"
},
{
"name": "21849",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21849"
},
{
"name": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html",
"refsource": "CONFIRM",
"url": "http://www.comscripts.com/scripts/php.phprog-album-photo-php.2117.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4753",
"datePublished": "2006-09-13T22:00:00.000Z",
"dateReserved": "2006-09-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}