CVE-2006-0315
CVE-2006-0315 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:N
index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.
Learn more about our Web Application Penetration Testing UK.