CVE-2007-6400

2007-12-17T13:46:00
ID CVE-2007-6400
Type cve
Reporter NVD
Modified 2017-09-28T21:29:55

Description

Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter.