4 matches found
CVE-2006-0714
Directory traversal vulnerability in the installation file sql/install-0.9.7.php in Flyspray 0.9.7 allows remote attackers to include arbitrary files via a .. dot dot sequence in the adodbpath parameter...
Directory traversal
Directory traversal vulnerability in the installation file sql/install-0.9.7.php in Flyspray 0.9.7 allows remote attackers to include arbitrary files via a .. dot dot sequence in the adodbpath parameter...
CVE-2006-0714
Flyspray 0.9.7 is vulnerable to a directory traversal/remote file inclusion in the installation script sql/install-0.9.7.php via the adodbpath parameter. The adodbpath input is unsafely used in include_once(), allowing an unauthenticated attacker to view arbitrary files and potentially execute PH...
CVE-2006-0714
Directory traversal vulnerability in the installation file sql/install-0.9.7.php in Flyspray 0.9.7 allows remote attackers to include arbitrary files via a .. dot dot sequence in the adodbpath parameter...