Directory traversal vulnerability in the delete function in IMCE before 1.6, a Drupal module, allows remote authenticated users to delete arbitrary files via ".." sequences.
References
Link | Resource |
---|---|
http://drupal.org/node/87101 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/20312 | Patch Vendor Advisory |
http://secunia.com/advisories/22261 | Patch Vendor Advisory |
http://www.vupen.com/english/advisories/2006/3892 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/29324 |
Configurations
Information
Published : 2007-03-05 12:19
Updated : 2017-07-28 18:29
NVD link : CVE-2006-7110
Mitre link : CVE-2006-7110
JSON object : View
CWE
Products Affected
drupal
- imce_module