CVE-2006-1823
N/A
N/A
Summary
Directory traversal vulnerability in FarsiNews 2.5.3 Pro and earlier allows remote attackers to obtain the installation path via ".." sequences in the archive parameter to index.php, which leaks the full pathname in an error message.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/archive/1/431011/100/0/threaded
- http://securitytracker.com/id?1015943
- http://securityreason.com/securityalert/710
- http://secunia.com/advisories/19648
- http://www.vupen.com/english/advisories/2006/1411
References
- http://www.securityfocus.com/archive/1/431011/100/0/threaded
- http://securitytracker.com/id?1015943
- http://securityreason.com/securityalert/710
- http://secunia.com/advisories/19648
- http://www.vupen.com/english/advisories/2006/1411
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.