CVE-2006-6175

Publication date

2006-11-30 16:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 before 2.0.7 and 2.1.x before 2.1.4 allows remote attackers to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter.