CVE-2004-1426

Publication date

2005-02-12 05:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.