CVE-2006-3554

CVE-2006-3554 affects MKPortal 1.0.1 Final and is a directory traversal vulnerability in index.php. The underlying flaw allows remote attackers to include and execute arbitrary local files by manipulating directory traversal sequences in the language cookie, demonstrated by injecting PHP sequence...

Directory traversal

Directory traversal vulnerability in 1 initiate.php and 2 possibly other PHP scripts in Turnkey Web Tools PHP Live Helper 1.8, and possibly later versions, allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the language cookie, as...