CVE-2004-2256 Information

Description

Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files and possibly execute local PHP files via .. sequences in the lang (language) variable.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0906.html http://secunia.com/advisories/11640 http://securitytracker.com/id?1010190 http://www.phpmyfaq.de/advisory_2004-05-18.php http://www.securityfocus.com/archive/1/363636 http://www.securityfocus.com/bid/10377 https://exchange.xforce.ibmcloud.com/vulnerabilities/16223