CVE-2006-4161

2006-08-16T18:04:00
ID CVE-2006-4161
Type cve
Reporter NVD
Modified 2017-07-19T21:32:52

Description

Directory traversal vulnerability in the avatar_gallery action in profile.php in XennoBB 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the category parameter.