Vulnerabilities

CVE-2006-1963

by Fred · 21/04/2006

Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code.

Date published : 2006-04-21

http://www.securityfocus.com/bid/17632

http://www.securityfocus.com/archive/1/431390/100/0/threaded

Similar

Tags: Cybersecurity Alert