CVE-2006-4161
CVE-2006-4161 : The provided documents confirm a directory-traversal flaw in XennoBB 2.1.0 and earlier, located in the profile.php avatar_gallery action. An attacker could read arbitrary files by supplying a .. (dot dot) sequence in the category parameter. The NVD entry lists the affected softwar...