CVE-2013-5107

2013-12-14T12:21:45
ID CVE-2013-5107
Type cve
Reporter NVD
Modified 2013-12-16T15:35:28

Description

Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php.