CVE Vulnerabilities

CVE-2004-1426

Published: Dec 31, 2004 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.

Affected Software

Name Vendor Start Version End Version
Korweblog Korweblog 1.6.1 (including) 1.6.1 (including)
Korweblog Korweblog 1.6.2cvs (including) 1.6.2cvs (including)

References