CVE-2006-1791 Information

Description

Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. NOTE: this issue can also produce resultant XSS when the associated include statement fails.

Reference

http://secunia.com/advisories/15942 http://www.securityfocus.com/archive/1/430878/100/0/threaded http://www.securityfocus.com/archive/1/431059/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/25795