CVE-2011-1715

Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:qooxdoo:qooxdoo:1.3:*:*:*:*:*:*:*
OR cpe:2.3:o:eyeos:eyeos:2.2:*:*:*:*:*:*:*
cpe:2.3:o:eyeos:eyeos:2.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-04-18 18:55

Updated : 2024-02-28 11:41


NVD link : CVE-2011-1715

Mitre link : CVE-2011-1715

CVE.ORG link : CVE-2011-1715


JSON object : View

Products Affected

eyeos

  • eyeos

qooxdoo

  • qooxdoo
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')