CVE-2006-1119

fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:netenberg:fantastico_de_luxe:*:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:08

Type Values Removed Values Added
References () http://www.securityfocus.com/archive/1/426957/100/0/threaded - () http://www.securityfocus.com/archive/1/426957/100/0/threaded -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25277 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25277 -

Information

Published : 2006-03-09 20:02

Updated : 2024-11-21 00:08


NVD link : CVE-2006-1119

Mitre link : CVE-2006-1119

CVE.ORG link : CVE-2006-1119


JSON object : View

Products Affected

netenberg

  • fantastico_de_luxe

cpanel

  • cpanel
CWE
CWE-264

Permissions, Privileges, and Access Controls