NuytsTech Security

CVE-2006-3194

by ·

Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter.

Date published : 2006-06-22

http://www.securityfocus.com/bid/18518

http://www.securityfocus.com/archive/1/437716/100/0/threaded

Tags: