CVE-2006-0707

2006-02-15T06:06:00
ID CVE-2006-0707
Type cve
Reporter NVD
Modified 2017-07-19T21:29:59

Description

PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.