Vulnerabilities > CVE-2006-1791 - Cross-Site Scripting vulnerability in JL Webworks Quickblogger 1.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. NOTE: this issue can also produce resultant XSS when the associated include statement fails.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |