NuytsTech Security

CVE-2005-4600

by ·

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.

Date published : 2006-01-01

http://www.securityfocus.com/bid/16083

http://www.securityfocus.com/archive/1/420543/100/0/threaded

Tags: