CVE-2006-0795

Publication date

2006-02-19 21:00:00

Family

mitre

State

PUBLISHED

Description

Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_foot, and (3) template variables.