CVE-2006-0347

Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL.

Date published : 2006-01-20

http://www.securityfocus.com/bid/16315

http://www.debian.org/security/2006/dsa-967