Arbitrary File Read/Inclusion Vulnerability in XOOPS 2.2.3

Arbitrary File Read/Inclusion Vulnerability in XOOPS 2.2.3

CVE-2005-3680 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

Directory traversal vulnerability in editor_registry.php in XOOPS 2.2.3 allows remote attackers to read or include arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter.

Learn more about our Web Application Penetration Testing UK.