Security Advisory

CVE-2006-0660

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-02-13 11:00:00

Last updated 2024-08-07 16:41:29

Assigner mitre

State PUBLISHED

Description

Multiple directory traversal vulnerabilities in FarsiNews 2.5 and earlier allows remote attackers to (1) read arbitrary files or trigger an error message path disclosure via ".." or invalid names in the archive parameter to index.php, or (2) include arbitrary files via the template parameter to show_archives.php.

← Browse all CVEs View on cve.org ↗