CVE-2006-1791

2006-04-1423:00:00

mitre

www.cve.org

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.0%

JSON

Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. NOTE: this issue can also produce resultant XSS when the associated include statement fails.

References

secunia.com/advisories/15942

www.securityfocus.com/archive/1/430878/100/0/threaded

www.securityfocus.com/archive/1/431059/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/25795