PT-2006-2782 · Quickblogger · Quickblogger

Published: 2006-04-14 · Updated: 2018-10-18 · CVE-2006-1791

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

QuickBlogger version 1.4

Description

A directory traversal issue in the acc.php file allows remote attackers to read or include arbitrary local files via the request parameter. This issue can also lead to resultant XSS when the associated include statement fails.

Recommendations

For QuickBlogger version 1.4, consider restricting access to the acc.php file and the request parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the request parameter in the affected API endpoint until the issue is resolved.


Related identifiers: CVE-2006-1791

Affected products: Quickblogger