Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities by net2ftp

    CVE-2008-5275 (GCVE-0-2008-5275)

    Vulnerability from nvd – Published: 2008-11-28 18:26 – Updated: 2024-08-07 10:49
    VLAI
    Summary
    Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://vuln.sg/net2ftp096-en.html x_refsource_MISC
    http://www.securityfocus.com/bid/29664 vdb-entryx_refsource_BID
    http://secunia.com/advisories/30611 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-06-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:49:12.276Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "net2ftp-requesthandling-code-execution(42994)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://vuln.sg/net2ftp096-en.html"
              },
              {
                "name": "29664",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/29664"
              },
              {
                "name": "30611",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30611"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-06-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple directory traversal vulnerabilities in the (a) \"Unzip archive\" and (b) \"Upload files and archives\" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive.  NOTE: this can be leveraged for code execution by creating a .php file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "net2ftp-requesthandling-code-execution(42994)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://vuln.sg/net2ftp096-en.html"
            },
            {
              "name": "29664",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/29664"
            },
            {
              "name": "30611",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30611"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5275",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple directory traversal vulnerabilities in the (a) \"Unzip archive\" and (b) \"Upload files and archives\" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive.  NOTE: this can be leveraged for code execution by creating a .php file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "net2ftp-requesthandling-code-execution(42994)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994"
                },
                {
                  "name": "http://vuln.sg/net2ftp096-en.html",
                  "refsource": "MISC",
                  "url": "http://vuln.sg/net2ftp096-en.html"
                },
                {
                  "name": "29664",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/29664"
                },
                {
                  "name": "30611",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30611"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5275",
        "datePublished": "2008-11-28T18:26:00.000Z",
        "dateReserved": "2008-11-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:49:12.276Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5194 (GCVE-0-2006-5194)

    Vulnerability from nvd – Published: 2006-10-06 21:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/447535/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2006/3890 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/22255 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/20313 vdb-entryx_refsource_BID
    Date Public
    2006-10-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:04.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
              },
              {
                "name": "ADV-2006-3890",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3890"
              },
              {
                "name": "22255",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22255"
              },
              {
                "name": "20313",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
            },
            {
              "name": "ADV-2006-3890",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3890"
            },
            {
              "name": "22255",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22255"
            },
            {
              "name": "20313",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20313"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5194",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
                },
                {
                  "name": "ADV-2006-3890",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3890"
                },
                {
                  "name": "22255",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22255"
                },
                {
                  "name": "20313",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20313"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5194",
        "datePublished": "2006-10-06T21:00:00.000Z",
        "dateReserved": "2006-10-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:04.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5097 (GCVE-0-2006-5097)

    Vulnerability from nvd – Published: 2006-09-29 21:00 – Updated: 2024-08-07 19:41 Disputed
    VLAI
    Summary
    PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor. The vendor says "the variable is set in settings.inc.php, so this is not a vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2006-09-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:04.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
              },
              {
                "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
              },
              {
                "name": "20061009 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
              },
              {
                "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
              },
              {
                "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
              },
              {
                "name": "net2ftp-index-file-include(29203)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
              },
              {
                "name": "1655",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1655"
              },
              {
                "name": "20060926 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
              },
              {
                "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor.  The vendor says \"the variable is set in settings.inc.php, so this is not a vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
            },
            {
              "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
            },
            {
              "name": "20061009 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
            },
            {
              "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
            },
            {
              "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
            },
            {
              "name": "net2ftp-index-file-include(29203)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
            },
            {
              "name": "1655",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1655"
            },
            {
              "name": "20060926 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
            },
            {
              "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5097",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor.  The vendor says \"the variable is set in settings.inc.php, so this is not a vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689",
                  "refsource": "MISC",
                  "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
                },
                {
                  "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
                },
                {
                  "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676",
                  "refsource": "MISC",
                  "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
                },
                {
                  "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687",
                  "refsource": "MISC",
                  "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
                },
                {
                  "name": "20061009 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
                },
                {
                  "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
                },
                {
                  "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
                },
                {
                  "name": "net2ftp-index-file-include(29203)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
                },
                {
                  "name": "1655",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1655"
                },
                {
                  "name": "20060926 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
                },
                {
                  "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5097",
        "datePublished": "2006-09-29T21:00:00.000Z",
        "dateReserved": "2006-09-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:04.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5275 (GCVE-0-2008-5275)

    Vulnerability from cvelistv5 – Published: 2008-11-28 18:26 – Updated: 2024-08-07 10:49
    VLAI
    Summary
    Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://vuln.sg/net2ftp096-en.html x_refsource_MISC
    http://www.securityfocus.com/bid/29664 vdb-entryx_refsource_BID
    http://secunia.com/advisories/30611 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-06-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:49:12.276Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "net2ftp-requesthandling-code-execution(42994)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://vuln.sg/net2ftp096-en.html"
              },
              {
                "name": "29664",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/29664"
              },
              {
                "name": "30611",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30611"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-06-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple directory traversal vulnerabilities in the (a) \"Unzip archive\" and (b) \"Upload files and archives\" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive.  NOTE: this can be leveraged for code execution by creating a .php file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "net2ftp-requesthandling-code-execution(42994)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://vuln.sg/net2ftp096-en.html"
            },
            {
              "name": "29664",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/29664"
            },
            {
              "name": "30611",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30611"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5275",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple directory traversal vulnerabilities in the (a) \"Unzip archive\" and (b) \"Upload files and archives\" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive.  NOTE: this can be leveraged for code execution by creating a .php file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "net2ftp-requesthandling-code-execution(42994)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994"
                },
                {
                  "name": "http://vuln.sg/net2ftp096-en.html",
                  "refsource": "MISC",
                  "url": "http://vuln.sg/net2ftp096-en.html"
                },
                {
                  "name": "29664",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/29664"
                },
                {
                  "name": "30611",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30611"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5275",
        "datePublished": "2008-11-28T18:26:00.000Z",
        "dateReserved": "2008-11-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:49:12.276Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5194 (GCVE-0-2006-5194)

    Vulnerability from cvelistv5 – Published: 2006-10-06 21:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/447535/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2006/3890 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/22255 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/20313 vdb-entryx_refsource_BID
    Date Public
    2006-10-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:04.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
              },
              {
                "name": "ADV-2006-3890",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3890"
              },
              {
                "name": "22255",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22255"
              },
              {
                "name": "20313",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
            },
            {
              "name": "ADV-2006-3890",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3890"
            },
            {
              "name": "22255",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22255"
            },
            {
              "name": "20313",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20313"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5194",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
                },
                {
                  "name": "ADV-2006-3890",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3890"
                },
                {
                  "name": "22255",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22255"
                },
                {
                  "name": "20313",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20313"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5194",
        "datePublished": "2006-10-06T21:00:00.000Z",
        "dateReserved": "2006-10-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:04.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5097 (GCVE-0-2006-5097)

    Vulnerability from cvelistv5 – Published: 2006-09-29 21:00 – Updated: 2024-08-07 19:41 Disputed
    VLAI
    Summary
    PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor. The vendor says "the variable is set in settings.inc.php, so this is not a vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2006-09-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:04.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
              },
              {
                "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
              },
              {
                "name": "20061009 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
              },
              {
                "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
              },
              {
                "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
              },
              {
                "name": "net2ftp-index-file-include(29203)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
              },
              {
                "name": "1655",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1655"
              },
              {
                "name": "20060926 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
              },
              {
                "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor.  The vendor says \"the variable is set in settings.inc.php, so this is not a vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
            },
            {
              "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
            },
            {
              "name": "20061009 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
            },
            {
              "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
            },
            {
              "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
            },
            {
              "name": "net2ftp-index-file-include(29203)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
            },
            {
              "name": "1655",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1655"
            },
            {
              "name": "20060926 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
            },
            {
              "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5097",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor.  The vendor says \"the variable is set in settings.inc.php, so this is not a vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689",
                  "refsource": "MISC",
                  "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
                },
                {
                  "name": "20061002 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
                },
                {
                  "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676",
                  "refsource": "MISC",
                  "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
                },
                {
                  "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687",
                  "refsource": "MISC",
                  "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
                },
                {
                  "name": "20061009 Re: net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
                },
                {
                  "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
                },
                {
                  "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
                },
                {
                  "name": "net2ftp-index-file-include(29203)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
                },
                {
                  "name": "1655",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1655"
                },
                {
                  "name": "20060926 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
                },
                {
                  "name": "20061009 net2ftp: a web based FTP client :) \u003c= Remote File Inclusion (fwd)",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5097",
        "datePublished": "2006-09-29T21:00:00.000Z",
        "dateReserved": "2006-09-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:04.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }