|
|
CVE Reference: CVE-2006-1594 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1594 |
|
|
Description: Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier allow remote attackers to use ".." (dot dot) sequences to (1) read arbitrary files via the file parameter in a rqEditHtml command to document/rqmkhtml.php or (2) execute arbitrary code via the includePath parameter to learnPath/include/scormExport.inc.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25561 SAID Secunia Advisory: SA19461 MISC http://retrogod.altervista.org/claroline_174_incl_xpl.html http://www.milw0rm.com/exploits/1627 BID 17343 |
|
| Return to the previous page. |
