CVE-2006-3934

2006-07-31T18:04:00
ID CVE-2006-3934
Type cve
Reporter NVD
Modified 2017-07-19T21:32:42

Description

Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter.