NuytsTech Security

CVE-2006-1260

by ·

Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.

Date published : 2006-03-18

http://www.securityfocus.com/bid/17117

http://www.securityfocus.com/archive/1/427710/100/0/threaded

Tags: