2 matches found
CVE-2011-1715
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f encoded dot dot sequences in the file parameter...
CVE-2011-1715
CVE-2011-1715 describes a directory traversal vulnerability in EyeOS-integrated QooxDoo components (notably the file devtools/qooxdoo-sdk/framework/source/resource/qx/test/part/delay.php). The flaw allows remote attackers to read arbitrary files by supplying encoded dot-dot sequences in the file ...