CVE-2006-3972
The CVE-2006-3972 entry concerns the Scott Weedon Ajax Chat component (likely version 0.1) where a directory traversal flaw exists in includes/operator_chattranscript.php. An attacker can supply '..' in the chatid parameter to read arbitrary files, enabling partial confidentiality impact. The NVD...