Description

Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via ".." sequences in unspecified vectors.

Remediation

References

CVE-2006-0847

Related Vulnerabilities

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1942)

WordPress Plugin EWWW Image Optimizer Cloud Cross-Site Scripting (2.0.1)

WordPress Plugin Edwiser Bridge-WordPress Moodle LMS Integration Multiple Cross-Site Request Forgery Vulnerabilities (2.0.6)

PHP Out-of-bounds Write Vulnerability (CVE-2017-9228)

WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)

Severity

Medium

Classification

CVE-2006-0847

Tags

Missing Update Known Vulnerabilities