2 matches found
CVE-2006-1963
Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." dot dot in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code...
Directory traversal
Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." dot dot in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code...