CVE-2006-1595
CVE-2006-1595 describes a cross-site scripting (XSS) vulnerability in Claroline 1.7.4 and earlier, affecting the file document/rqmkhtml.php via the rqEditHtml command. The flaw lets remote attackers read arbitrary files by supplying ".." sequences in the file parameter, effectively enabling path ...