CVE-2006-7001

Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the L parameter, a different issue than CVE-2006-5897. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published : 2007-02-12 19:28 Updated : 2008-09-05 21:16

7.1
CVSS Score More info
Score 7.1 / 10
7.1
Vendor Product Version URI
Phpmychat Plus Phpmychat Plus 1.9 cpe:/a:phpmychat_plus:phpmychat_plus:1.9
  1. Phpmychat Plus (1) Search CVE
    1. Phpmychat Plus (1) Search CVE
      1. 1.9

CWE

There is no CWE for this CVE.

Reference

There is no reference for this CVE.

History of changes

Date Event
2007-02-12 19:28

New CVE