RSS   Vulnerabilities for 'Learnloop'   RSS

2007-12-04
 
CVE-2007-6214

 

 
Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database.

 


Copyright 2024, cxsecurity.com

 

Back to Top