CVE-2011-1715

Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:qooxdoo:qooxdoo:1.3:*:*:*:*:*:*:*
OR cpe:2.3:o:eyeos:eyeos:2.3:*:*:*:*:*:*:*
cpe:2.3:o:eyeos:eyeos:2.2:*:*:*:*:*:*:*

Information

Published : 2011-04-18 11:55

Updated : 2017-08-16 18:34


NVD link : CVE-2011-1715

Mitre link : CVE-2011-1715


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

qooxdoo

  • qooxdoo

eyeos

  • eyeos