CVE-2006-4161

2006-08-16T22:04:00
ID CVE-2006-4161
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:33:00

Description

Directory traversal vulnerability in the avatar_gallery action in profile.php in XennoBB 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the category parameter.