CVE-2005-4095 Information

Description

Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ..\ sequences in the Type parameter in a GetFoldersAndFiles command.

Reference

http://rgod.altervista.org/docebo204_xpl.html http://secunia.com/advisories/1015308 http://secunia.com/advisories/17896 http://securitytracker.com/id?1015308 http://www.osvdb.org/21464 http://www.securityfocus.com/bid/15742 http://www.vupen.com/english/advisories/2005/2771 https://exchange.xforce.ibmcloud.com/vulnerabilities/23518