CVE-2006-3934

CVE-2006-3934 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter.

Learn more about our Cms Pen Testing.