logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2006-0707

Description

PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.


Affected Package


OS OS Version Package Name Package Version
Debian 10 pyblosxom 1.5.3-3
Debian 9 pyblosxom 1.5.3-2

Related