2 matches found
CVE-2006-4432
Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot sequence in the final component of the PHP session identifier PHPSESSID. NOTE: in some cases, this issue can be leveraged to perform direct static code...
CVE-2006-4432
The CVE-2006-4432 entry describes a directory traversal in Zend Platform 2.2.1 and earlier. An attacker can overwrite arbitrary files by supplying a .. in the final PHPSESSID component, enabling potential direct static code injection in some cases. The affected product is Zend Platform (versions ...