2 matches found
CVE-2007-3547
Directory traversal vulnerability in qticheckname.php in QuickTicket 1.2 allows remote attackers to include and execute arbitrary local files a .. dot dot in the lang parameter...
CVE-2007-3547
CVE-2007-3547 describes a directory traversal vulnerability in QuickTicket 1.2. The flaw is in the PHP script qti_checkname.php , where an attacker can influence the lang parameter (using dot-dot sequences) to cause local file inclusion and arbitrary code execution. This is a remote vulnerability...