CVE-2006-5031 — CakePHP directory traversal vulnerability allows remote attackers to read arbitr

Description

Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename.

How to fix CVE-2006-5031

To remediate CVE-2006-5031, upgrade the affected package to a fixed version below.

Debian/cakephp—upgrade to 1.1.13.4450-1 or later
Packagist/cakephp/cakephp—upgrade to 1.1.8.3544 or later

Is CVE-2006-5031 being exploited?

Moderate — EPSS is 6.9%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (2)

from 0, < 1.1.13.4450-1
>= 1.0.1.2708, < 1.1.8.3544

References (8)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2006-5031
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-5031
PATCHgithub.com/cakephp/cakephp
WEBcakeforge.org/frs/shownotes.php?release_id=134
WEBsecunia.com