|
|
CVE Reference: CVE-2006-2633 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2633 |
|
|
Description: Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26705 SREASON http://securityreason.com/securityalert/968 SAID Secunia Advisory: SA20304 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199 http://sourceforge.net/forum/forum.php?forum_id=576219 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/435135/100/0/threaded BID 18139 |
|
| Return to the previous page. |
